Socket
Socket
Sign inDemoInstall

entities

Package Overview
Dependencies
0
Maintainers
1
Versions
29
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

entities

Encode & decode XML and HTML entities with ease


Version published
Maintainers
1
Weekly downloads
51,432,960
decreased by-6.03%

Weekly downloads

Package description

What is entities?

The 'entities' npm package is a library that helps with encoding and decoding HTML entities. It is useful for dealing with HTML data in text form and can be used to prevent XSS attacks by sanitizing input or output.

What are entities's main functionalities?

Encode HTML Entities

Encodes special characters in a string to their corresponding HTML entities. Useful for displaying text on a webpage without it being interpreted as HTML.

"require('entities').encodeHTML('<div>Hello & welcome!</div>');"

Decode HTML Entities

Decodes HTML entities back to their original characters. This is useful for processing text that contains HTML entities and converting them to their readable form.

"require('entities').decodeHTML('&lt;div&gt;Hello &amp; welcome!&lt;/div&gt;');"

Encode XML Entities

Similar to encoding HTML entities, but specifically for XML, which has a smaller set of entities.

"require('entities').encodeXML('<note>Priority & importance</note>');"

Decode XML Entities

Decodes XML entities back to their original characters, which is useful when working with XML data.

"require('entities').decodeXML('&lt;note&gt;Priority &amp; importance&lt;/note&gt;');"

Other packages similar to entities

Readme

Source

entities NPM version Downloads Build Status Coverage

Encode & decode HTML & XML entities with ease & speed.

How to…

…install entities

npm install entities

…use entities

const entities = require("entities");

//encoding
entities.escape("&#38;"); // "&#x26;#38;"
entities.encodeXML("&#38;"); // "&amp;#38;"
entities.encodeHTML("&#38;"); // "&amp;&num;38&semi;"

//decoding
entities.decodeXML("asdf &amp; &#xFF; &#xFC; &apos;"); // "asdf & ÿ ü '"
entities.decodeHTML("asdf &amp; &yuml; &uuml; &apos;"); // "asdf & ÿ ü '"

Performance

This is how entities compares to other libraries on a very basic benchmark (see scripts/benchmark.ts, for 10,000,000 iterations):

Librarydecode perfencode perfescape perfBundle size
entities1.418s6.786s2.196snpm bundle size
html-entities2.530s6.829s2.415snpm bundle size
he5.800s24.237s3.624snpm bundle size
parse-entities9.660sN/AN/Anpm bundle size

Acknowledgements

This libary wouldn't be possible without the work of these individuals. Thanks to

  • @mathiasbynens for his explanations about character encodings, and his library he, which was one of the inspirations for entities
  • @inikulin for his work on optimized tries for decoding HTML entities for the parse5 project
  • @mdevils for taking on the challenge of producing a quick entity library with his html-entities library. entities would be quite a bit slower if there wasn't any competition. Right now entities is on top, but we'll see how long that lasts!

License: BSD-2-Clause

Security contact information

To report a security vulnerability, please use the Tidelift security contact. Tidelift will coordinate the fix and disclosure.

entities for enterprise

Available as part of the Tidelift Subscription

The maintainers of entities and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source dependencies you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use. Learn more.

Keywords

FAQs

Last updated on 09 Aug 2021

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc