htmlescape
Properly escape JSON for usage as an object literal inside of a <script> tag. Use htmlescape in place of JSON.stringify. For more info see JSON: The JavaScript subset that isn't.
Transformations
| from | to |
|---|---|
& |
\\u0026 |
> |
\\u003e |
< |
\\u003c |
\u2028 |
\\u2028 |
\u2029 |
\\u2029 |
Usage
var htmlescape = require('htmlescape');
htmlescape({prop:'value'});
//=> '{"prop":"value"}'
Or in your templates:
<script>
var payload = <%= htmlescape(payload) %>;
</script>