decode-uri-component
Advanced tools
The decode-uri-component package is designed to provide a more robust and comprehensive solution for decoding URI components than the native JavaScript decodeURIComponent function. It aims to correctly handle all the nuances of URI encoding, including decoding characters that the native function may not handle correctly.
Decoding URI components
This feature allows you to decode URI components that may contain encoded representations of characters that could be used in XSS attacks or other malicious activities. The code sample demonstrates how to decode a URI component that represents a script tag with an alert function, which would be a potential security risk if not properly decoded.
"use strict";\nconst decodeUriComponent = require('decode-uri-component');\nconsole.log(decodeUriComponent('%3Cscript%3Ealert(%27XSS%27)%3C%2Fscript%3E'));The query-string package is used for parsing and stringifying URL query strings. It offers similar functionality in terms of decoding URI components as part of its parsing process. However, it is more focused on handling the entire query string rather than just individual URI components.
Similar to query-string, the qs package provides methods for parsing and stringifying query strings. It can decode URI components when parsing query strings. qs is known for its depth control and array parsing capabilities, making it more versatile for complex query strings compared to decode-uri-component, which focuses solely on decoding.
A better decodeURIComponent
�.$ npm install --save decode-uri-component
import decodeUriComponent from 'decode-uri-component';
decodeUriComponent('%25');
//=> '%'
decodeUriComponent('%');
//=> '%'
decodeUriComponent('st%C3%A5le');
//=> 'ståle'
decodeUriComponent('%st%C3%A5le%');
//=> '%ståle%'
decodeUriComponent('%%7Bst%C3%A5le%7D%');
//=> '%{ståle}%'
decodeUriComponent('%7B%ab%%7C%de%%7D');
//=> '{%ab%|%de%}'
decodeUriComponent('%FE%FF');
//=> '\uFFFD\uFFFD'
decodeUriComponent('%C2');
//=> '\uFFFD'
decodeUriComponent('%C2%B5');
//=> 'µ'
Type: string
An encoded component of a Uniform Resource Identifier.
MIT © Sam Verschueren
FAQs
A better decodeURIComponent
The npm package decode-uri-component receives a total of 12,503,266 weekly downloads. As such, decode-uri-component popularity was classified as popular.
We found that decode-uri-component demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.
Security News
vlt introduced its new package manager and a serverless registry this week, innovating in a space where npm has stagnated.