API: escape
Source: utils/escape.ts
Utility class for performing context-aware string escaping and unescaping operations, delegating to a native Java EscapeFacade. These methods are essential for security (preventing injection attacks) and ensuring correct data serialization across different formats.
Usage
import { escape } from "sdk/utils";
import { response } from "sdk/http";

// Sample input containing markup and single quotes
const input = "<script type='text/javascript'>alert('evil script')</script>";
// Escape the value for use inside a JavaScript string literal
const result = escape.escapeJavascript(input);

response.println(result);
response.flush();
response.close();
Classes
Escape
Methods
escapeCsv
escapeCsv (input:string):string
Escapes special characters in a string to make it safe for use as a value within a CSV file.
Typically handles double quotes, commas, and newlines.
@param input The string to be escaped.
@returns The CSV-safe escaped string.
escapeJavascript
escapeJavascript (input:string):string
Escapes characters in a string to create a valid JavaScript string literal.
This makes it safe for embedding string values within JavaScript code blocks.
@param input The string to be escaped.
@returns The JavaScript-safe escaped string.
escapeHtml3
escapeHtml3 (input:string):string
Escapes characters in a string using HTML 3.2 entity references.
@param input The string to be escaped.
@returns The HTML 3.2 escaped string.
escapeHtml4
escapeHtml4 (input:string):string
Escapes characters in a string using HTML 4.0 entity references.
This is the common standard for escaping characters like <, >, &, and ".
@param input The string to be escaped.
@returns The HTML 4.0 escaped string.
escapeJava
escapeJava (input:string):string
Escapes characters in a string to create a valid Java string literal.
@param input The string to be escaped.
@returns The Java-safe escaped string.
escapeJson
escapeJson (input:string):string
Escapes characters (like quotes, backslashes, and control characters) in a string to make it safe for embedding as a value within a JSON document.
@param input The string to be escaped.
@returns The JSON-safe escaped string.
escapeXml
escapeXml (input:string):string
Escapes characters in a string to make it valid for use within an XML document.
Typically handles characters like <, >, &, ", and '.
@param input The string to be escaped.
@returns The XML-safe escaped string.
unescapeCsv
unescapeCsv (input:string):string
The inverse of escapeCsv: unescapes CSV-specific escape sequences back to their original form.
@param input The CSV-escaped string.
@returns The unescaped string.
unescapeJavascript
unescapeJavascript (input:string):string
The inverse of escapeJavascript: unescapes JavaScript string literals.
@param input The JavaScript-escaped string.
@returns The unescaped string.
unescapeHtml3
unescapeHtml3 (input:string):string
The inverse of escapeHtml3: unescapes HTML 3.2 entity references.
@param input The HTML 3.2 escaped string.
@returns The unescaped string.
unescapeHtml4
unescapeHtml4 (input:string):string
The inverse of escapeHtml4: unescapes HTML 4.0 entity references.
@param input The HTML 4.0 escaped string.
@returns The unescaped string.
unescapeJava
unescapeJava (input:string):string
The inverse of escapeJava: unescapes Java string literals.
@param input The Java-escaped string.
@returns The unescaped string.
unescapeJson
unescapeJson (input:string):string
The inverse of escapeJson: unescapes JSON string escape sequences.
@param input The JSON-escaped string.
@returns The unescaped string.
unescapeXml
unescapeXml (input:string):string
The inverse of escapeXml: unescapes XML entity references.
@param input The XML-escaped string.
@returns The unescaped string.
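Why the escaper has to match the output context, as an added example that is not part of the SDK or of this page's original code. The functions htmlEscape, jsLiteralEscape, renderHtmlBody, renderInlineScript and the two check helpers are hypothetical stand-ins with assumed character sets; they do not reproduce what EscapeFacade does internally.

```javascript
// Added example: stand-in escapers, NOT the SDK's EscapeFacade implementation.
// htmlEscape covers the characters the page lists for escapeHtml4: < > & "
const HTML_ENTITIES = { "<": "&lt;", ">": "&gt;", "&": "&amp;", '"': "&quot;" };
function htmlEscape(input) {
  return input.replace(/[<>&"]/g, (c) => HTML_ENTITIES[c]);
}

// jsLiteralEscape (assumed rule set) covers what can end or corrupt a quoted
// JavaScript string literal: backslash, quotes, line terminators, and "/" so
// that "</script>" cannot close an inline script block early.
const JS_ESCAPES = {
  "\\": "\\\\", "'": "\\'", '"': '\\"', "/": "\\/",
  "\n": "\\n", "\r": "\\r", "\u2028": "\\u2028", "\u2029": "\\u2029",
};
function jsLiteralEscape(input) {
  return input.replace(/[\\'"\/\n\r\u2028\u2029]/g, (c) => JS_ESCAPES[c]);
}

// The same value rendered into two different sinks, each with its own escaper.
function renderHtmlBody(value) {
  return "<p>" + htmlEscape(value) + "</p>";
}
function renderInlineScript(value) {
  return "<script>var label = '" + jsLiteralEscape(value) + "';</script>";
}

// Checks: which characters are still live after escaping?
function hasLiveMarkup(escaped) {
  return /[<>]/.test(escaped);
}
function hasBareSingleQuote(escaped) {
  // A quote is bare when an even number of backslashes (or none) precedes it.
  return /(^|[^\\])(\\\\)*'/.test(escaped);
}

// Input taken from the page's Usage snippet.
const sample = "<script type='text/javascript'>alert('evil script')</script>";
console.log(renderHtmlBody(sample));      // markup neutralised, quotes untouched
console.log(renderInlineScript(sample));  // quotes neutralised, "<" untouched
console.log(hasLiveMarkup(jsLiteralEscape(sample)));    // true: wrong for HTML body
console.log(hasBareSingleQuote(htmlEscape(sample)));    // true: wrong for JS literal
```

Each escaper only neutralises the characters that matter in its own sink, so the output of one is not a safe substitute for the other.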