js-string-escape
The js-string-escape npm package is a utility for escaping JavaScript strings. It ensures that special characters in strings are properly escaped, making them safe for use in JavaScript code.
Basic String Escaping
This feature allows you to escape special characters in a string, such as quotes, backslashes, and newlines, making the string safe for use in JavaScript code.
const jsStringEscape = require('js-string-escape');
const escapedString = jsStringEscape('Hello "world"!');
console.log(escapedString); // Output: Hello \"world\"!
The jsesc package is a versatile JavaScript library for escaping JavaScript strings. It offers more configuration options compared to js-string-escape, such as the ability to escape only certain characters or to output the escaped string in different formats (e.g., hexadecimal, Unicode).
The he package is primarily used for escaping and unescaping HTML entities, but it also provides functionality for escaping JavaScript strings. It is more focused on handling HTML entities, making it a good choice if you need to work with both HTML and JavaScript string escaping.
The lodash.escape function is part of the Lodash library, a popular utility library for JavaScript. It provides basic string escaping functionality similar to js-string-escape, but as part of a larger suite of utility functions. If you are already using Lodash in your project, lodash.escape can be a convenient option.
Escape any string to be a valid JavaScript string literal between double quotes or single quotes.
npm install js-string-escape
If you need to generate JavaScript output, this library will help you safely put arbitrary data in JavaScript strings:
const jsStringEscape = require('js-string-escape')
console.log('"' + jsStringEscape('Quotes (\", \'), newlines (\n), etc.') + '"')
// => "Quotes (\", \'), newlines (\n), etc."
In other words, given any string s, the following invariants hold:
eval('"' + jsStringEscape(s) + '"') === s
eval("'" + jsStringEscape(s) + "'") === s
These eval expressions are safe with untrusted strings s.
Non-strings will be cast to strings.
This library has been checked against ECMAScript 5.1 and tested against all Unicode code points.
Note that the returned string is not necessarily valid JSON, since JSON disallows control characters, and \' is illegal in JSON.
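The two invariants and the JSON caveat above, checked in an added example that is not part of the package README or its source. `escapeForJsLiteral` is a stand-in written here, assumed to mirror the documented behaviour, and the sample strings and the `INJECTED` marker are constructed.

```javascript
// Stand-in escaper written for this example (an assumption, not the package's
// source). To check the real package, replace the body with:
//   return require('js-string-escape')(s)
function escapeForJsLiteral(s) {
  const map = { '\n': '\\n', '\r': '\\r', '\u2028': '\\u2028', '\u2029': '\\u2029' };
  // Non-strings are cast to strings; quotes and backslashes get a backslash prefix.
  return String(s).replace(/["'\\\n\r\u2028\u2029]/g, (c) => map[c] || '\\' + c);
}

// Constructed inputs: quote break-outs (harmless marker payload), a trailing
// backslash, line terminators, control characters, an astral code point, a number.
const SAMPLES = [
  '"; globalThis.INJECTED = 1; //',
  "'; globalThis.INJECTED = 1; //",
  'ends with backslash \\',
  'line1\nline2\r\nline3',
  'separators \u2028 and \u2029',
  'control \u0000 \u0007 \u001f',
  'astral \u{1F512}',
  42,
];

// Returns the samples for which either README invariant fails.
function failingSamples(escape, samples) {
  return samples.filter((s) => {
    const expected = String(s);
    const e = escape(s);
    // Indirect eval: the literal is evaluated in global scope, not this closure.
    const dq = (0, eval)('"' + e + '"');
    const sq = (0, eval)("'" + e + "'");
    return dq !== expected || sq !== expected;
  });
}

// Returns the samples whose double-quoted output JSON.parse rejects.
function notValidJson(escape, samples) {
  return samples.filter((s) => {
    try {
      JSON.parse('"' + escape(s) + '"');
      return false;
    } catch (err) {
      return true; // \' or a raw control character is not legal JSON
    }
  });
}
```

With these samples both invariants hold and the marker is never set, while `notValidJson` reports the single-quote payload and the control-character string, so `JSON.stringify` remains the right tool when the consumer is a JSON parser.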
1.0.1
FAQs
Escape strings for use as JavaScript string literals
The npm package js-string-escape receives a total of 2,417,170 weekly downloads. As such, its popularity is classified as popular.
We found that js-string-escape has an unhealthy version release cadence and level of project activity, because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.