Skip to content

dustin-archive/h2ml

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

32 Commits
.gitignore
.gitignore
 
 
index.js
index.js
 
 
license
license
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
readme.md
readme.md
 
 
test.js
test.js
 
 

Repository files navigation

h2ml

An h function that returns HTML (or XML) strings.

const h = require('h2ml')

h('div', null, [
  h('span', { class: 'title' }, 'Hello world'),
  h('p', { class: 'body' },
    'Autem placeat illo libero voluptatem dolorem. ' +
    'Ut ' + h('b', null, 'consequatur neque harum') + ' sed molestias.'
  )
])

Injected content is not XSS secured and should be combined with a library like xss-filters

const h = require('h2ml')
const secure = require('xss-filters')

// Example if a user sent a script tag
const data = '<script>alert("hacked nerd")</script>'

h('span', null, secure.inHTMLData(data))
// => '<span>&lt;script>alert("hacked nerd")&lt;/script></span>'

Usage

This package follows the h2spec guidelines.

h(tag, data?, children?)

  • tag: The element name.
  • data (optional): An object containing the attributes to set on the element.
  • children (optional): A string or array of strings.
h('div', { class: 'foo' }, 'hello world')
// '<div class="foo">hello world</div>'

h('div', null, [
  h('span', 'foo'),
  h('span', 'bar')
])
// '<div><span>foo</span><span>bar</span></div>'

About

An h function that returns HTML and XML strings.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

15 stars

Watchers

3 watching

Forks

5 forks
Report repository

Releases

5 tags

Packages

No packages published

Contributors 2

  •  
  •  

Languages