Public
postpostscript
html
Script
html: create sanitized HTML using tagged templates Examples import { html } from "https://esm.town/v/postpostscript/html"
const unsafeInput = "<script>alert(1)</script>"
console.log(html`Value: ${unsafeInput}`)
// Value: <script>alert(1)</script> These can be combined -- HTML marked as safe (instance is RawHTML ) will be directly inserted: const scripts = html`<script>alert(1)</script>`
console.log(html`<head>
${scripts}
</head>`.toString())
// <head>
// <script>alert(1)</script>
// </head> To easily create HTTP Response outputs like @stevekrouse/html, use the htmlResponse utility: import { html, htmlResponse } from "https://esm.town/v/postpostscript/html";
export default function(req: Request) {
return htmlResponse`
Request URL: ${decodeURIComponent(req.url)}
`;
} Tests: @postpostscript/htmlTest
1
postpostscript-blog.web.val.run
Updated: March 16, 2024