Escape a string to be safe for use in html.
characters are replaced with with their named character references:
". Escaped strings will be safe
for use in the following contexts:
- RCDATA and DATA (content of all elements except for
- Single-quoted attribute values
- Double-quoted attribute values
var escape = ;var xssAttempt = "Hello <script>while(1);</script> world!";// Output safe htmlconsole;// "<p>Hello <script>while(1);</script> world!</p>"
npm install html-escape