js-string-escape
Advanced tools
The js-string-escape npm package is a utility for escaping JavaScript strings. It ensures that special characters in strings are properly escaped, making them safe for use in JavaScript code.
Basic String Escaping
This feature allows you to escape special characters in a string, such as quotes, backslashes, and newlines, making the string safe for use in JavaScript code.
const jsStringEscape = require('js-string-escape');
const escapedString = jsStringEscape('Hello "world"!');
console.log(escapedString); // Output: Hello \"world\"!The jsesc package is a versatile JavaScript library for escaping JavaScript strings. It offers more configuration options compared to js-string-escape, such as the ability to escape only certain characters or to output the escaped string in different formats (e.g., hexadecimal, Unicode).
The he package is primarily used for escaping and unescaping HTML entities, but it also provides functionality for escaping JavaScript strings. It is more focused on handling HTML entities, making it a good choice if you need to work with both HTML and JavaScript string escaping.
The lodash.escape function is part of the Lodash library, a popular utility library for JavaScript. It provides basic string escaping functionality similar to js-string-escape, but as part of a larger suite of utility functions. If you are already using Lodash in your project, lodash.escape can be a convenient option.
Escape any string to be a valid JavaScript string literal between double quotes or single quotes.
npm install js-string-escape
If you need to generate JavaScript output, this library will help you safely put arbitrary data in JavaScript strings:
jsStringEscape = require('js-string-escape')
console.log('"' + jsStringEscape('Quotes (\", \'), newlines (\n), etc.') + '"')
// => "Quotes (\", \'), newlines (\n), etc."
In other words, given any string s, the following invariants hold:
eval('"' + jsStringEscape(s) + '"') === s
eval("'" + jsStringEscape(s) + "'") === s
These eval expressions are safe with untrusted strings s.
Non-strings will be cast to strings.
This library has been checked against ECMAScript 5.1 and tested against all Unicode code points.
Note that the returned string is not necessarily valid JSON, since JSON
disallows control characters, and \' is illegal in JSON.
1.0.1
FAQs
Escape strings for use as JavaScript string literals
The npm package js-string-escape receives a total of 2,224,718 weekly downloads. As such, js-string-escape popularity was classified as popular.
We found that js-string-escape demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.
Security News
NIST's new password guidelines remove periodic changes and special character requirements, focusing on longer, more secure passwords for better authentication practices.