How to use escape-goat - 10 common examples
To help you get started, we’ve selected a few escape-goat examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
emotion-js / emotion / site / plugins / gatsby-remark-live-code / index.js View on Github 
if (node.lang === 'jsx live') {
throw new Error(
`The following code block has the language jsx live which is no longer allowed:\n${
node.value
}`
)
}
if (
node.lang === 'jsx' &&
// yes, i know this won't work if you don't use line comments and stuff
// but adding a whole js parser and stuff to do this would be more effort than it's worth
livePattern.test(node.value)
) {
let cleanValue = node.value.replace('// @live', '').trim()
node.type = `html`
node.value = escapeGoat.escapeTag``
}
})
}let body = issue.body.replace(/\n+/g, ' ');
if (body.length > 85) {
body = `${body.substring(0, 85)}...`;
}
let labels = '';
for (let i = 0; i < issue.labels.length; i++) {
const label = issue.labels[i];
const red = parseInt(label.color.substring(0, 2), 16);
const green = parseInt(label.color.substring(2, 4), 16);
const blue = parseInt(label.color.substring(4, 6), 16);
let color = '#ffffff';
if ((red * 0.299 + green * 0.587 + blue * 0.114) > 125) {
color = '#000000';
}
labels += `<div style="color: ${color}; background-color:#${label.color};" class="ui label">${htmlEscape(label.name)}</div>`;
}
if (labels.length > 0) {
labels = `<p>${labels}</p>`;
}
let octicon, color;
if (issue.pull_request !== null) {
if (issue.state === 'open') {
color = 'green';
octicon = 'octicon-git-pull-request'; // Open PR
} else if (issue.pull_request.merged === true) {
color = 'purple';
octicon = 'octicon-git-merge'; // Merged PR
} else {
color = 'red';
octicon = 'octicon-git-pull-request'; // Closed PR$.each(response, (_i, issue) => {
// Don't list current issue in the dependency list.
if (issue.id === currIssueId) {
return;
}
filteredResponse.results.push({
name: `#${issue.number} ${htmlEscape(issue.title)
}<div class="text small dont-break-out">${htmlEscape(issue.repository.full_name)}</div>`,
value: issue.id
});
});
return filteredResponse;color = 'green';
octicon = 'octicon-issue-opened'; // Open Issue
} else {
color = 'red';
octicon = 'octicon-issue-closed'; // Closed Issue
}
$element.popup({
variation: 'wide',
delay: {
show: 250
},
html: `
<div>
<p><small>${htmlEscape(issue.repository.full_name)} on ${createdAt}</small></p>
<p><span class="${color}">${svg(octicon)}</span> <strong>${htmlEscape(issue.title)}</strong> #${index}</p>
<p>${htmlEscape(body)}</p>
${labels}
</div>
`
});
});
}octicon = 'octicon-issue-opened'; // Open Issue
} else {
color = 'red';
octicon = 'octicon-issue-closed'; // Closed Issue
}
$element.popup({
variation: 'wide',
delay: {
show: 250
},
html: `
<div>
<p><small>${htmlEscape(issue.repository.full_name)} on ${createdAt}</small></p>
<p><span class="${color}">${svg(octicon)}</span> <strong>${htmlEscape(issue.title)}</strong> #${index}</p>
<p>${htmlEscape(body)}</p>
${labels}
</div>
`
});
});
}/* global window document */
const tag = require("escape-goat").escapeTag;
const pageState = {};
function dom(selector) {
return document.querySelector(`.view-gallery ${selector}`);
}
function thumbnail(photo) {
return tag`<a href="${photo.pageURI}" class="thumbnail">
<img title="${photo.caption}" alt="${photo.caption}" src="${photo.thumbnailURI}" data-photo-name="${photo.name}" class="thumbnail">
</a>`;
}template = template.replace(doubleBraceRegex, (_, key) => {
let result = data;
for (const property of key.split('.')) {
result = result ? result[property] : '';
}
return htmlEscape(String(result));
});
}async function addDependency(name, container) {
const depEl = doma.one(`
<li>
<a href="https://www.npmjs.com/package/${esc(name)}">
${esc(name)}
</a>
</li>
`);
container.append(depEl);
const {url, description, error} = await fetchPackageInfo(name);
if (error) {
if (error === 'Not found') {
depEl.append(doma('<em>Not published or private.</em>'));
} else {
console.warn(`${errorMessage} fetching ${esc(name)}/package.json`, error);
depEl.append(doma('<em>There was a network error.</em>'));
}async function addDependency(name, container) {
const depEl = doma.one(`
<li>
<a href="https://www.npmjs.com/package/${esc(name)}">
${esc(name)}
</a>
</li>
`);
container.append(depEl);
const {url, description, error} = await fetchPackageInfo(name);
if (error) {
if (error === 'Not found') {
depEl.append(doma('<em>Not published or private.</em>'));
} else {
console.warn(`${errorMessage} fetching ${esc(name)}/package.json`, error);
depEl.append(doma('<em>There was a network error.</em>'));
}
return;module.exports = attributes => {
const handledAttributes = [];
for (let [key, value] of Object.entries(attributes)) {
if (value === false) {
continue;
}
if (Array.isArray(value)) {
value = value.join(' ');
}
let attribute = htmlEscape(key);
if (value !== true) {
attribute += `="${htmlEscape(String(value))}"`;
}
handledAttributes.push(attribute);
}
return handledAttributes.length > 0 ? ' ' + handledAttributes.join(' ') : '';
};escape-goat
Escape a string for use in HTML or the inverse
