safe-json-globals

Safely embed serialized javascript or JSON in a page as temporary global data

Usage no npm install needed!

<script type="module">
  import safeJsonGlobals from 'https://cdn.skypack.dev/safe-json-globals';
</script>

README

safe-json-globals

build status dependency status

Safely embed serialized JSON in a page as temporary global data. HTML tags are sanitized.

Example for the server

var JSONGlobals = require("safe-json-globals")

function (req, res) {
    getUser(req, res, function (userRecord) {
        var globalsMarkup = JSONGlobals({
          user: userRecord,
          potentialMaliciousContent: "</script><script>alert('hack')"
        })

        var html = "" // whatever html

        html += globalsMarkup

        res.end(html)
    })
}

Example for the client

var JSONGlobals = require("safe-json-globals/get")

var user = JSONGlobals("user")

Installation

npm install safe-json-globals

Contributors

  • Raynos
  • lxe

MIT Licenced