UNPKG

flags

Version:

Flags SDK by Vercel - The feature flags toolkit for Next.js and SvelteKit

flags-sdk.dev

vercel/flags

1 lines 1.85 kB
1
{"version":3,"sources":["../src/lib/safe-json-stringify.ts"],"names":[],"mappings":";AA+BO,SAAS,kBACd,OACA,UACA,OACQ;AACR,SAAO,KAAK,UAAU,OAAO,UAAU,KAAK,EAAE,QAAQ,MAAM,SAAS;AACvE","sourcesContent":["/**\n * Converts a JavaScript value to a JavaScript Object Notation (JSON) string.\n *\n * This function is just like JSON.stringify but also escapes the resulting string to prevent XSS.\n *\n * @see https://pragmaticwebsecurity.com/articles/spasecurity/json-stringify-xss\n * @param value A JavaScript value, usually an object or array, to be converted.\n * @param replacer A function that transforms the results.\n * @param space Adds indentation, white space, and line break characters to the return-value JSON text to make it easier to read.\n */\nexport function safeJsonStringify(\n value: any,\n replacer?: (this: any, key: string, value: any) => any,\n space?: string | number,\n): string;\n/**\n * Converts a JavaScript value to a JavaScript Object Notation (JSON) string.\n *\n * This function is just like JSON.stringify but also escapes the resulting string to prevent XSS.\n *\n * @see https://pragmaticwebsecurity.com/articles/spasecurity/json-stringify-xss\n * @param value A JavaScript value, usually an object or array, to be converted.\n * @param replacer An array of strings and numbers that acts as an approved list for selecting the object properties that will be stringified.\n * @param space Adds indentation, white space, and line break characters to the return-value JSON text to make it easier to read.\n */\nexport function safeJsonStringify(\n value: any,\n replacer?: (number | string)[] | null,\n space?: string | number,\n): string;\n\nexport function safeJsonStringify(\n value: any,\n replacer: any,\n space: any,\n): string {\n return JSON.stringify(value, replacer, space).replace(/</g, '\\\\u003c');\n}\n"]}