Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
encoder.js
Advanced tools
Readme
An encoding library in JavaScript
HTML encode an input string
var encoder = require('encoder.js');
var input = '100 > 200 is incorrect';
var encoded = encoder.encodeHTML(input); //100 > 200 is incorrect
HTML decode an input string
var encoder = require('encoder.js');
var intput = '100 > 200 is incorrect';
var decoded = encoder.decodeHTML(input); //100 > 200 is incorrect
HTML attribute encode an input string, this method only encode 4 characters: &
, <
, '
and "
var encoder = require('encoder.js');
var input = '100<200';
var encoded = encoder.encodeHTMLAttr(input); //100<200
// but '>' will be not encoded
input = '200>100';
encoded = encoder.encodeHTMLAttr(input); //200>100
To decode HTML attribute, use encoder.decodeHTML
Characters '\r\t"\n\b\f'
will be escaped to '\\r\\t\\"\\n\\b\\f'
var input = '\r\t"\n\b\f';
var encoded = encoder.encodeJavaScript(input); //\r\t\"\n\b\f
Any control character (code < 0x20) will be encoded
var input = String.fromCharCode(0) + String.fromCharCode(16) + String.fromCharCode(31);
var encoded = encoder.encodeJavaScript(input); //\u0000\u0010\u001f
Characters #133, #8232 and #8233 will be encoded
var input = String.fromCharCode(133) + String.fromCharCode(8232) + String.fromCharCode(8233);
var encoded = encoder.encodeJavaScript(input); //\u0085\u2028\u2029
XML encode has the same behavior as HTML encode except XML encode converts '
into '
var input = '\'';
var encoded = encoder.xmlEncode(input); //'
URI encode an input string
var encoder = require('./encoder.js');
var input = 'http://www.example.com/abc 123';
var encoded = encoder.encodeURI(input); //http://www.example.com/abc%20123
URI decode an input string
var encoder = require('./encoder.js');
var input = 'http://www.example.com/abc%20123';
var decoded = encoder.decodeURI(input); //http://www.example.com/abc 123
Base64 encode a string
var input = 'Hello World!';
var encoded = encoder.base64Encode(input); //"SGVsbG8gV29ybGQh"
Decode a base64 string
var input = 'SGVsbG8gV29ybGQh';
var encoded = encoder.base64Decode(input); //"Hello World!"
Make sure mocha
is installed globally
npm install mocha -g
Run npm test
to run unit test
MIT
FAQs
An encoding library in JavaScript
We found that encoder.js demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.