marcosh / elm-html-to-unicode / ElmEscapeHtml

This library allows to escape html string and unescape named and numeric character references (e.g. >, >, &x3e;) to the corresponding unicode characters

Definition

escape : String -> String

Escapes a string converting characters that could be used to inject XSS vectors (http://wonko.com/post/html-escaping). At the moment we escape &, <, >, ", ', `, , !, @, $, %, (, ), =, +, {, }, [ and ]

for example

escape "&<>\"" == "&<>""

unescape : String -> String

Unescapes a string, converting all named and numeric character references (e.g. >, >, &x3e;) to their corresponding unicode characters.

for example

unescape ""&<>" == "\"&<>"