micromark-util-encode

What is micromark-util-encode?

The micromark-util-encode package is a utility library for encoding HTML entities in text. It is part of the micromark ecosystem, which is a markdown parser compliant with CommonMark. This utility is specifically designed to help with the encoding of characters that have special meaning in HTML, ensuring that text is safely and correctly displayed in an HTML context.

What are micromark-util-encode's main functionalities?

HTML Entity Encoding

This feature allows for the encoding of text containing characters that have special meaning in HTML, such as '<', '>', and '&', into their corresponding HTML entities. This is useful for displaying user-generated content without risking HTML injection vulnerabilities.

"use strict";

var encode = require('micromark-util-encode');

var result = encode('<div>Hello & Welcome</div>');
console.log(result); // Outputs: '&lt;div&gt;Hello &amp; Welcome&lt;/div&gt;'

Other packages similar to micromark-util-encode

he

The 'he' package is a robust HTML entity encoder/decoder written in JavaScript. It supports all named character references defined in HTML, handling encoding and decoding in a comprehensive manner. Compared to micromark-util-encode, 'he' offers a broader set of functionalities for dealing with HTML entities beyond just encoding, including decoding capabilities.

escape-html

The 'escape-html' package is a simple utility for escaping HTML entities in strings. It focuses solely on converting characters like '<', '>', '&', '"', and "'" into their corresponding HTML entities to prevent HTML injection. While it serves a similar purpose to micromark-util-encode in terms of preventing HTML injection, it does not belong to a larger markdown processing ecosystem and is more limited in scope.

README

micromark-util-encode

micromark utility to encode dangerous html characters.

Contents

• What is this?
• When should I use this?
• Install
• Use
• API
  • encode(value)
• Types
• Compatibility
• Security
• Contribute
• License

What is this?

This package exposes an algorithm to make text safe for embedding in HTML.

When should I use this?

This package might be useful when you are making your own micromark extensions.

Install

This package is ESM only. In Node.js (version 16+), install with npm:

npm install micromark-util-encode

In Deno with esm.sh:

import {encode} from 'https://esm.sh/micromark-util-encode@1'

In browsers with esm.sh:

<script type="module">
  import {encode} from 'https://esm.sh/micromark-util-encode@1?bundle'
</script>

Use

import {encode} from 'micromark-util-encode'

encode('<3') // '&lt;3'

API

This module exports the identifier encode. There is no default export.

encode(value)

Encode only the dangerous HTML characters.

This ensures that certain characters which have special meaning in HTML are dealt with. Technically, we can skip > and " in many cases, but CM includes them.

Parameters

• value (string) — value to encode

Returns

Encoded value (string).

Types

This package is fully typed with TypeScript. It exports no additional types.

Compatibility

Projects maintained by the unified collective are compatible with maintained versions of Node.js.

When we cut a new major release, we drop support for unmaintained versions of Node. This means we try to keep the current release line, micromark-util-encode@2, compatible with Node.js 16. This package works with micromark@3.

Security

This package is safe. See security.md in micromark/.github for how to submit a security report.

Contribute

See contributing.md in micromark/.github for ways to get started. See support.md for ways to get help.

This project has a code of conduct. By interacting with this repository, organisation, or community you agree to abide by its terms.

License

MIT © Titus Wormer