├── .gitignore ├── package.json ├── LICENSE-MIT ├── README.md ├── index.js └── test └── index.js /.gitignore: -------------------------------------------------------------------------------- 1 | node_modules 2 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "scapegoat", 3 | "version": "1.0.0", 4 | "description": "A small library providing utility methods to escape and unescape HTML entities", 5 | "main": "index.js", 6 | "scripts": { 7 | "test": "./node_modules/.bin/mocha --reporter spec" 8 | }, 9 | "repository": { 10 | "type": "git", 11 | "url": "git://github.com/brentertz/scapegoat.git" 12 | }, 13 | "keywords": [ 14 | "escape", 15 | "unescape", 16 | "html" 17 | ], 18 | "author": "Brent Ertz (http://brentertz.com/)", 19 | "licenses": [ 20 | { 21 | "type": "MIT", 22 | "url": "https://github.com/brentertz/scapegoat/blob/master/LICENSE-MIT" 23 | } 24 | ], 25 | "bugs": { 26 | "url": "https://github.com/brentertz/scapegoat/issues" 27 | }, 28 | "devDependencies": { 29 | "mocha": "~1.16.2", 30 | "chai": "~1.8.1" 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /LICENSE-MIT: -------------------------------------------------------------------------------- 1 | Copyright (c) 2014 Brent Ertz 2 | 3 | Permission is hereby granted, free of charge, to any person 4 | obtaining a copy of this software and associated documentation 5 | files (the "Software"), to deal in the Software without 6 | restriction, including without limitation the rights to use, 7 | copy, modify, merge, publish, distribute, sublicense, and/or sell 8 | copies of the Software, and to permit persons to whom the 9 | Software is furnished to do so, subject to the following 10 | conditions: 11 | 12 | The above copyright notice and this permission notice shall be 13 | included in all copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 16 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES 17 | OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 18 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT 19 | HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, 20 | WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 21 | FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR 22 | OTHER DEALINGS IN THE SOFTWARE. 23 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Scapegoat 2 | ========= 3 | 4 | A minimal node module providing utility methods to `escape` and `unescape` HTML entities 5 | 6 | See the associated blog post, ["Creating and publishing a node.js module."](https://quickleft.com/blog/creating-and-publishing-a-node-js-module/) 7 | 8 | ## Installation 9 | 10 | ```shell 11 | npm install scapegoat --save 12 | ``` 13 | 14 | ## Usage 15 | 16 | ```js 17 | var scapegoat = require('scapegoat') 18 | escape = scapegoat.escape, 19 | unescape = scapegoat.unescape; 20 | 21 | var html = '

Hello World

', 22 | escaped = escape(html), 23 | unescaped = unescape(escaped); 24 | 25 | console.log('html', html, 'escaped', escaped, 'unescaped', unescaped); 26 | ``` 27 | 28 | ## Tests 29 | 30 | ```shell 31 | npm test 32 | ``` 33 | 34 | ## Contributing 35 | 36 | In lieu of a formal styleguide, take care to maintain the existing coding style. 37 | Add unit tests for any new or changed functionality. Lint and test your code. 38 | 39 | ## Release History 40 | 41 | * 1.0.0 Refactor to avoid double unescape and to use npm scripts instead 42 | of makefile. Also add link to associated blog post. 43 | * 0.1.0 Initial release 44 | -------------------------------------------------------------------------------- /index.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Scapegoat 3 | * https://github.com/brentertz/scapegoat 4 | * 5 | * Copyright (c) 2014 Brent Ertz 6 | * Licensed under the MIT license. 7 | */ 8 | 9 | var chars = { 10 | '&': '&', 11 | '"': '"', 12 | ''': '\'', 13 | '<': '<', 14 | '>': '>' 15 | }; 16 | 17 | /** 18 | * Escape special characters in the given string of html. 19 | * 20 | * @param {String} html 21 | * @return {String} 22 | */ 23 | module.exports = { 24 | escape: function(html) { 25 | if (!html) { 26 | return ''; 27 | } 28 | 29 | var values = Object.keys(chars).map(function(key) { return chars[key]; }); 30 | var re = new RegExp('(' + values.join('|') + ')', 'g'); 31 | 32 | return String(html).replace(re, function(match) { 33 | for (var key in chars) { 34 | if (chars.hasOwnProperty(key) && chars[key] === match) { 35 | return key; 36 | } 37 | } 38 | }); 39 | }, 40 | 41 | /** 42 | * Unescape special characters in the given string of html. 43 | * 44 | * @param {String} html 45 | * @return {String} 46 | */ 47 | unescape: function(html) { 48 | if (!html) { 49 | return ''; 50 | } 51 | 52 | var re = new RegExp('(' + Object.keys(chars).join('|') + ')', 'g'); 53 | 54 | return String(html).replace(re, function(match) { 55 | return chars[match]; 56 | }); 57 | } 58 | }; 59 | -------------------------------------------------------------------------------- /test/index.js: -------------------------------------------------------------------------------- 1 | var should = require('chai').should(), 2 | scapegoat = require('../index'), 3 | escape = scapegoat.escape, 4 | unescape = scapegoat.unescape; 5 | 6 | describe('#escape', function() { 7 | it('converts & into &', function() { 8 | escape('&').should.equal('&'); 9 | }); 10 | 11 | it('converts " into "', function() { 12 | escape('"').should.equal('"'); 13 | }); 14 | 15 | it('converts \' into '', function() { 16 | escape('\'').should.equal('''); 17 | }); 18 | 19 | it('converts < into <', function() { 20 | escape('<').should.equal('<'); 21 | }); 22 | 23 | it('converts > into >', function() { 24 | escape('>').should.equal('>'); 25 | }); 26 | 27 | it('returns empty string if called with falsey value', function() { 28 | escape().should.equal(''); 29 | escape('').should.equal(''); 30 | escape(null).should.equal(''); 31 | }); 32 | }); 33 | 34 | describe('#unescape', function() { 35 | it('converts & into &', function() { 36 | unescape('&').should.equal('&'); 37 | }); 38 | 39 | it('converts " into "', function() { 40 | unescape('"').should.equal('"'); 41 | }); 42 | 43 | it('converts ' into \'', function() { 44 | unescape(''').should.equal('\''); 45 | }); 46 | 47 | it('converts < into <', function() { 48 | unescape('<').should.equal('<'); 49 | }); 50 | 51 | it('converts > into >', function() { 52 | unescape('>').should.equal('>'); 53 | }); 54 | 55 | it('does not double unescape values', function() { 56 | unescape('&quot;').should.equal('"'); 57 | }); 58 | 59 | it('returns empty string if called with falsey value', function() { 60 | unescape().should.equal(''); 61 | unescape('').should.equal(''); 62 | unescape(null).should.equal(''); 63 | }); 64 | }); 65 | --------------------------------------------------------------------------------