Properly escape JSON for usage as an object literal inside of a <script> tag. Use htmlescape in place of JSON.stringify. For more info see JSON: The JavaScript subset that isn't.
| from | to |
|---|---|
& |
\\u0026 |
> |
\\u003e |
< |
\\u003c |
\u2028 |
\\u2028 |
\u2029 |
\\u2029 |
var htmlescape = require('htmlescape');
htmlescape({prop:'value'});
//=> '{"prop":"value"}'Or in your templates:
<script>
var payload = <%= htmlescape(payload) %>;
</script># htmlescape
Properly escape JSON for usage as an object literal inside of a `<script>` tag. Use `htmlescape` in place of `JSON.stringify`. For more info see [JSON: The JavaScript subset that isn't](http://timelessrepo.com/json-isnt-a-javascript-subset).
## Transformations
| from | to |
| -------- |:---------:|
| `&` | `\\u0026` |
| `>` | `\\u003e` |
| `<` | `\\u003c` |
| `\u2028` | `\\u2028` |
| `\u2029` | `\\u2029` |
## Usage
```js
var htmlescape = require('htmlescape');
htmlescape({prop:'value'});
//=> '{"prop":"value"}'
```
Or in your templates:
```html
<script>
var payload = <%= htmlescape(payload) %>;
</script>
```
| # | Change | User | Description | Committed | |
|---|---|---|---|---|---|
| #1 | 19553 | swellard | Move and rename clients | ||
| //guest/perforce_software/helix-web-services/main/source/clients/2016.1.0/javascript/node_modules/htmlescape/README.md | |||||
| #1 | 18810 | tjuricek |
First-pass at JavaScript client SDK. JavaScript requires Node with Gulp to "browserfy" the library. It's the easiest way I found to use the swagger-js project; bundle up a wrapping method. There is no JavaScript reference guide. The swagger-js doesn't really document what they do very well, actually. Overall I'm not particularly impressed by swagger-js, it was hard to even figure out what the right method syntax was. We may want to invest time in doing it better. This required setting CORS response headers, which are currently defaulted to a fairly insecure setting. |
||