safe-decode-uri-component
Advanced tools
Safely decode URI components, leaving invalid sequences as they are
Decodes strings encoded by encodeURI and encodeURIComponent, without
throwing errors on invalid escapes.
const base = "http://github.com";
const query = `?value=${encodeURIComponent('test ⚡')}`;
const url = base + query; // => "http://github.com?value=test%20%E2%9A%A1"
// Now, something happens and the url gets truncated:
// url = "http://github.com?value=test%20%E2%9A%A"
decodeURIComponent(url); // THROWS ERROR
Truncating "useless" params from a URL happen for any number of reasons. Or, maybe a your user just typed in a bad URL? Either way, it's annoying when all you want is the decoded value, treating invalid escapes as if they were just regular characters.
const decode = require('safe-decode-uri-component');
decode(url); // => "http://github.com?value=test %E2%9A%A"
Notice that %20 was decoded to a space, and the invalid sequence
%E2%9A%A remains. This is exactly like decodeURIComponent, except we
don't balk at an invalid sequence.
decode("value=test%20%E2%9A%A1"); // => "value=test ⚡"
decode("value=test%20%E2%9A%A"); // => "value=test %E2%9A%A"
decode("value=test%20%E2%9A%"); // => "value=test %E2%9A%"
decode("value=test%20%E2%9A"); // => "value=test %E2%9A"
decode("value=test%20%E2%9"); // => "value=test %E2%9"
decode("value=test%20%E2%"); // => "value=test %E2%"
decode("value=test%20%E2"); // => "value=test %E2"
decode("value=test%20%E"); // => "value=test %E"
decode("value=test%20%"); // => "value=test %"
decode("value=test%20"); // => "value=test "
decode("value=test%2"); // => "value=test%2"
decode("value=test%"); // => "value=test%"
decode("value=test"); // => "value=test"
npm install --save safe-decode-uri-component
We also provide a native Node.js module, available as the native tag:
npm install --save safe-decode-uri-component@native
It's way faster, faster than even native decodeURIComponent.
$ npm run benchmark
Short String (native) x 1,448,425 ops/sec ±0.97% (85 runs sampled)
Short String (safe) x 3,449,002 ops/sec ±0.73% (88 runs sampled)
Fastest is Short String (safe)
Medium String (native) x 18,491 ops/sec ±0.84% (90 runs sampled)
Medium String (safe) x 22,695 ops/sec ±0.81% (88 runs sampled)
Fastest is Medium String (safe)
Long String (native) x 33.56 ops/sec ±1.01% (58 runs sampled)
Long String (safe) x 41.83 ops/sec ±0.73% (54 runs sampled)
Fastest is Long String (safe)
FAQs
Safely decode URI components, leaving invalid sequences as they are
The npm package safe-decode-uri-component receives a total of 6,927 weekly downloads. As such, safe-decode-uri-component popularity was classified as popular.
We found that safe-decode-uri-component demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Malicious Go packages are impersonating popular libraries to install hidden loader malware on Linux and macOS, targeting developers with obfuscated payloads.
Security News
Bybit's $1.46B hack by North Korea's Lazarus Group pushes 2025 crypto losses to $1.6B in just two months, already surpassing all of 2024's $1.49B total.
Security News
OpenSSF has published OSPS Baseline, an initiative designed to establish a minimum set of security-related best practices for open source software projects.