{"id":17767303,"url":"https://github.com/jamiebuilds/guarded-string","last_synced_at":"2025-03-15T13:31:15.216Z","repository":{"id":57256556,"uuid":"119973756","full_name":"jamiebuilds/guarded-string","owner":"jamiebuilds","description":"Prevent accidentally introducing XSS holes with the strings in your app","archived":false,"fork":false,"pushed_at":"2018-02-05T23:12:45.000Z","size":34,"stargazers_count":36,"open_issues_count":0,"forks_count":4,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-12T21:02:44.764Z","etag":null,"topics":["guarded","safe","secure","string","xss"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jamiebuilds.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-02-02T11:29:24.000Z","updated_at":"2022-02-26T22:46:30.000Z","dependencies_parsed_at":"2022-08-25T02:30:57.724Z","dependency_job_id":null,"html_url":"https://github.com/jamiebuilds/guarded-string","commit_stats":null,"previous_names":["thejameskyle/guarded-string"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamiebuilds%2Fguarded-string","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamiebuilds%2Fguarded-string/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamiebuilds%2Fguarded-string/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamiebuilds%2Fguarded-string/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jamiebuilds","download_url":"https://codeload.github.com/jamiebuilds/guarded-string/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243735842,"owners_count":20339536,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["guarded","safe","secure","string","xss"],"created_at":"2024-10-26T20:45:58.515Z","updated_at":"2025-03-15T13:31:14.840Z","avatar_url":"https://github.com/jamiebuilds.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# guarded\\`string\\`\n\n\u003e Prevent accidentally introducing XSS holes with the strings in your app\n\nHold your friends close, and your strings closer\n\n## Installation\n\n```\nyarn add guarded-string\n```\n\n## Usage\n\n\u003e **Important!** This should be used for things like preventing XSS attacks,\n\u003e not for hiding sensitive information.\n\n```js\nimport guardedString from 'guarded-string';\n\nconst myString = guardedString`My very important (but not too important) string`;\n\nguardedString.isGuarded(myString); // \u003e\u003e boolean\nguardedString.assertGuarded(myString); // \u003e\u003e maybe throws\nguardedString.toUnguarded(myString); // \u003e\u003e unguarded string (throws on other value types)\n\nmyString + ''; // 'My very important (but not too important) string'\n\nguardedString.freeze(myString);\nguardedString.isFrozen(myString);\nguardedString.assertFrozen(myString);\n\nmyString + ''; // Error!\nJSON.stringify(myString); // Error!\n// etc.\n```\n\n## API\n\n### `guardedString`\n\nCreate a guarded string. This must be used as a tagged template literal with no\ninterpolations. You cannot construct a guarded string that is not statically\nwritten in your code.\n\n```js\nlet str = guardedString`Hello World`;\n```\n\nYou can continue using this as a string, but when you modify it, the result is\nan unguarded (regular) string.\n\n```js\nlet str1 = guardedString`Hello World`;\nlet str2 = str1 + '!';\n\nguardedString.isGuarded(str1); // true\nguardedString.isGuarded(str2); // false\n```\n\nIf you want to using string methods, you can wrap your string with\n`String(str)` or `guardedString.toUnguarded(str)`.\n\n```js\nlet str1 = guardedString`Hello World`;\nlet str2 = String(str1).replace('World', 'Universe');\nlet str3 = guardedString.toUnguarded(str1).replace('World', 'Universe');\n```\n\n### `guardedString.isGuarded(val)`\n\nThis just returns a `boolean` if the value you pass in is a guarded string or\nnot.\n\n### `guardedString.assertGuarded(val)`\n\nThis will throw an error if the value you pass in is not a guarded string.\n\n### `guardedString.freeze(str)`\n\nIf you want to make sure that your string is not accidentally stringified, you\ncan call `guardedString.freeze(str)` on your guarded string and it will\nprevent code from accidentally stringifying it.\n\n```js\nlet str = guardedString.freeze(guardedString`Hello World`);\n\nString(str); // Error!\nstr + '!'; // Error!\nJSON.stringify(str); // Error!\n```\n\n\u003e See [test cases](test.js) for more\n\nNote that you can still call `guardedString.toUnguarded(str)` to convert\nit back to a plain string.\n\n### `guardedString.isFrozen(val)`\n\nThis just returns a `boolean` if the value you pass in is a frozen string or\nnot.\n\n### `guardedString.assertFrozen(val)`\n\nThis will throw an error if the value you pass in is not a frozen string.\n\n### `guardedString.toUnguarded(str)`\n\nThis will convert any guarded string (including frozen strings).\n\n```js\nlet str1 = guardedString.freeze(guardedString`Hello World`);\nlet str2 = guardedString.toUnguarded(str1);\n\nconsole.log(typeof str1); // 'object'\nconsole.log(typeof str2); // 'string'\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjamiebuilds%2Fguarded-string","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjamiebuilds%2Fguarded-string","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjamiebuilds%2Fguarded-string/lists"}