or run

npx @tessl/cli init
Log in

Version

Tile

Overview

Evals

Files

tessl/npm-lodash--unescape

Converts HTML entities to their corresponding characters in a string

Workspace
tessl
Visibility
Public
Created
Last updated
Describes
npmpkg:npm/lodash@4.0.x

To install, run

npx @tessl/cli install tessl/npm-lodash--unescape@4.0.0
0
# lodash.unescape
1


2
The lodash.unescape function converts HTML entities (`&`, `<`, `>`, `"`, `'`, and ```) in strings back to their corresponding characters. This function is the inverse of lodash's escape function and is commonly used when displaying HTML content that has been previously escaped for security purposes.
3


4
## Package Information
5


6
- **Package Name**: lodash
7
- **Package Type**: npm
8
- **Language**: JavaScript
9
- **Installation**: `npm install lodash`
10
- **Version**: 4.0.1
11


12
## Core Imports
13


14
```javascript
15
import { unescape } from "lodash";
16
```
17


18
For CommonJS:
19


20
```javascript
21
const { unescape } = require("lodash");
22
```
23


24
Alternative import from the main lodash object:
25


26
```javascript
27
import _ from "lodash";
28
// Use as _.unescape()
29
```
30


31
## Basic Usage
32


33
```javascript
34
import { unescape } from "lodash";
35


36
// Basic HTML entity unescaping
37
const escaped = 'fred, barney, & pebbles';
38
const unescaped = unescape(escaped);
39
console.log(unescaped); // => 'fred, barney, & pebbles'
40


41
// Multiple entity types
42
const multipleEntities = '<div>"Hello World"</div>';
43
const result = unescape(multipleEntities);
44
console.log(result); // => '<div>"Hello World"</div>'
45


46
// Handles mixed content
47
const mixed = 'Price: &lt; $100 &amp; &gt; $50';
48
const cleanMixed = unescape(mixed);
49
console.log(cleanMixed); // => 'Price: < $100 & > $50'
50
```
51


52
## Capabilities
53


54
### String Unescaping
55


56
Converts HTML entities to their corresponding characters in a string.
57


58
```javascript { .api }
59
/**
60
 * The inverse of `_.escape`; this method converts the HTML entities
61
 * `&amp;`, `&lt;`, `&gt;`, `&quot;`, `&#39;`, and `&#96;` in `string` to their
62
 * corresponding characters.
63
 * 
64
 * @param {string} [string=''] The string to unescape.
65
 * @returns {string} Returns the unescaped string.
66
 */
67
function unescape(string)
68
```
69


70
**Supported HTML Entities:**
71


72
- `&amp;``&` (ampersand)
73
- `&lt;``<` (less than)
74
- `&gt;``>` (greater than)
75
- `&quot;``"` (double quote)
76
- `&#39;``'` (single quote/apostrophe)
77
- `&#96;``` ` `` (backtick)
78


79
**Usage Examples:**
80


81
```javascript
82
import { unescape } from "lodash";
83


84
// Basic unescaping
85
unescape('fred, barney, &amp; pebbles');
86
// => 'fred, barney, & pebbles'
87


88
// HTML tag simulation
89
unescape('&lt;script&gt;alert(&#39;hello&#39;);&lt;/script&gt;');
90
// => "<script>alert('hello');</script>"
91


92
// Empty and null handling
93
unescape('');     // => ''
94
unescape(null);   // => ''
95
unescape(undefined); // => ''
96


97
// Non-string input gets converted to string first
98
unescape(123);    // => '123'
99
unescape(true);   // => 'true'
100


101
// Strings without entities are returned unchanged
102
unescape('hello world'); // => 'hello world'
103


104
// Mixed escaped and unescaped content
105
unescape('Tom &amp; Jerry &lt; Mickey Mouse');
106
// => 'Tom & Jerry < Mickey Mouse'
107
```
108


109
## Performance Notes
110


111
- The function only performs replacement operations when HTML entities are detected in the input string
112
- Uses efficient regular expression testing before replacement
113
- Input is automatically converted to string if it's not already a string
114
- Returns the original string unchanged if no HTML entities are found
115


116
## Important Limitations
117


118
- **Limited Entity Support**: Only handles 6 specific HTML entities. For additional HTML entities, the documentation recommends using a third-party library like [he](https://mths.be/he)
119
- **Security Note**: This function should be used carefully when dealing with user input, as it converts escaped HTML back to potentially executable code
120
- **No Validation**: Does not validate that the resulting unescaped content is safe or well-formed HTML
121


122
## Error Handling
123


124
The unescape function is designed to handle various input types gracefully:
125


126
- **Strings**: Processed normally
127
- **null/undefined**: Converted to empty string
128
- **Numbers/Booleans**: Converted to string representation
129
- **Objects**: Converted to string using JavaScript's standard conversion
130


131
No exceptions are thrown under normal circumstances.