{
"url": "https://unifast.dev/docs/packages/core/escape-html/",
"locale": "en",
"title": "escapeHtml()",
"description": "Escape HTML special characters in a string.",
"section": "packages",
"body": "```ts\nimport { escapeHtml } from \"@unifast/core\";\n```\n\n## Signature\n\n```ts\nfunction escapeHtml(str: string): string\n```\n\n## Parameters\n\n### str\n\n| Property | Type | Default | Description |\n|----------|------|---------|-------------|\n| `str` | `string` | — | The string containing characters to escape |\n\n## Returns\n\n`string` — The input string with `&`, `<`, `>`, and `\"` replaced by their HTML entity equivalents.\n\n## Usage\n\n```ts\nimport { escapeHtml } from \"@unifast/core\";\n\nconst safe = escapeHtml('');\n\nconsole.log(safe);\n// <script>alert("xss")</script>\n```\n\n## Examples\n\n### Basic escaping\n\n```ts\nimport { escapeHtml } from \"@unifast/core\";\n\nconsole.log(escapeHtml(\"Tom & Jerry\"));\n// Tom & Jerry\n\nconsole.log(escapeHtml('class=\"main\"'));\n// class="main"\n\nconsole.log(escapeHtml(\"1 < 2 > 0\"));\n// 1 < 2 > 0\n```\n\n### Escaping user-generated content\n\n```ts\nimport { escapeHtml } from \"@unifast/core\";\n\nconst userComment = '
';\nconst html = ``;\n\nconsole.log(html);\n// \n```\n\n### Building safe HTML attributes\n\n```ts\nimport { escapeHtml } from \"@unifast/core\";\n\nconst title = 'He said \"hello\" & waved';\nconst html = `Hover me`;\n\nconsole.log(html);\n// Hover me\n```\n\n## Behavior\n\n- **`&`** is replaced with `&`\n- **`<`** is replaced with `<`\n- **`>`** is replaced with `>`\n- **`\"`** is replaced with `"`\n- All other characters are left unchanged",
"alternates": [
{
"locale": "en",
"url": "https://unifast.dev/docs/packages/core/escape-html/",
"api": "https://unifast.dev//api/docs/packages/core/escape-html.json"
},
{
"locale": "ja",
"url": "https://unifast.dev/ja/docs/packages/core/escape-html/",
"api": "https://unifast.dev//api/ja/docs/packages/core/escape-html.json"
},
{
"locale": "zh-CN",
"url": "https://unifast.dev/zh-CN/docs/packages/core/escape-html/",
"api": "https://unifast.dev//api/zh-CN/docs/packages/core/escape-html.json"
},
{
"locale": "zh-TW",
"url": "https://unifast.dev/zh-TW/docs/packages/core/escape-html/",
"api": "https://unifast.dev//api/zh-TW/docs/packages/core/escape-html.json"
},
{
"locale": "ko",
"url": "https://unifast.dev/ko/docs/packages/core/escape-html/",
"api": "https://unifast.dev//api/ko/docs/packages/core/escape-html.json"
},
{
"locale": "fr",
"url": "https://unifast.dev/fr/docs/packages/core/escape-html/",
"api": "https://unifast.dev//api/fr/docs/packages/core/escape-html.json"
},
{
"locale": "it",
"url": "https://unifast.dev/it/docs/packages/core/escape-html/",
"api": "https://unifast.dev//api/it/docs/packages/core/escape-html.json"
},
{
"locale": "es",
"url": "https://unifast.dev/es/docs/packages/core/escape-html/",
"api": "https://unifast.dev//api/es/docs/packages/core/escape-html.json"
},
{
"locale": "pt-BR",
"url": "https://unifast.dev/pt-BR/docs/packages/core/escape-html/",
"api": "https://unifast.dev//api/pt-BR/docs/packages/core/escape-html.json"
},
{
"locale": "de",
"url": "https://unifast.dev/de/docs/packages/core/escape-html/",
"api": "https://unifast.dev//api/de/docs/packages/core/escape-html.json"
},
{
"locale": "ru",
"url": "https://unifast.dev/ru/docs/packages/core/escape-html/",
"api": "https://unifast.dev//api/ru/docs/packages/core/escape-html.json"
},
{
"locale": "hi",
"url": "https://unifast.dev/hi/docs/packages/core/escape-html/",
"api": "https://unifast.dev//api/hi/docs/packages/core/escape-html.json"
},
{
"locale": "id",
"url": "https://unifast.dev/id/docs/packages/core/escape-html/",
"api": "https://unifast.dev//api/id/docs/packages/core/escape-html.json"
},
{
"locale": "tr",
"url": "https://unifast.dev/tr/docs/packages/core/escape-html/",
"api": "https://unifast.dev//api/tr/docs/packages/core/escape-html.json"
},
{
"locale": "vi",
"url": "https://unifast.dev/vi/docs/packages/core/escape-html/",
"api": "https://unifast.dev//api/vi/docs/packages/core/escape-html.json"
}
]
}