or run

npx @tessl/cli init
Log in

Version

Tile

Overview

Evals

Files

docs

index.md
tile.json

index.mddocs/

lodash.unescape

The lodash.unescape function converts HTML entities (&, <, >, ", ', and `) in strings back to their corresponding characters. This function is the inverse of lodash's escape function and is commonly used when displaying HTML content that has been previously escaped for security purposes.

Package Information

  • Package Name: lodash
  • Package Type: npm
  • Language: JavaScript
  • Installation: npm install lodash
  • Version: 4.0.1

Core Imports

import { unescape } from "lodash";

For CommonJS:

const { unescape } = require("lodash");

Alternative import from the main lodash object:

import _ from "lodash";
// Use as _.unescape()

Basic Usage

import { unescape } from "lodash";

// Basic HTML entity unescaping
const escaped = 'fred, barney, & pebbles';
const unescaped = unescape(escaped);
console.log(unescaped); // => 'fred, barney, & pebbles'

// Multiple entity types
const multipleEntities = '<div>"Hello World"</div>';
const result = unescape(multipleEntities);
console.log(result); // => '<div>"Hello World"</div>'

// Handles mixed content
const mixed = 'Price: &lt; $100 &amp; &gt; $50';
const cleanMixed = unescape(mixed);
console.log(cleanMixed); // => 'Price: < $100 & > $50'

Capabilities

String Unescaping

Converts HTML entities to their corresponding characters in a string.

/**
 * The inverse of `_.escape`; this method converts the HTML entities
 * `&amp;`, `&lt;`, `&gt;`, `&quot;`, `&#39;`, and `&#96;` in `string` to their
 * corresponding characters.
 * 
 * @param {string} [string=''] The string to unescape.
 * @returns {string} Returns the unescaped string.
 */
function unescape(string)

Supported HTML Entities:

  • &amp;& (ampersand)
  • &lt;< (less than)
  • &gt;> (greater than)
  • &quot;" (double quote)
  • &#39;' (single quote/apostrophe)
  • &#96;` (backtick)

Usage Examples:

import { unescape } from "lodash";

// Basic unescaping
unescape('fred, barney, &amp; pebbles');
// => 'fred, barney, & pebbles'

// HTML tag simulation
unescape('&lt;script&gt;alert(&#39;hello&#39;);&lt;/script&gt;');
// => "<script>alert('hello');</script>"

// Empty and null handling
unescape('');     // => ''
unescape(null);   // => ''
unescape(undefined); // => ''

// Non-string input gets converted to string first
unescape(123);    // => '123'
unescape(true);   // => 'true'

// Strings without entities are returned unchanged
unescape('hello world'); // => 'hello world'

// Mixed escaped and unescaped content
unescape('Tom &amp; Jerry &lt; Mickey Mouse');
// => 'Tom & Jerry < Mickey Mouse'

Performance Notes

  • The function only performs replacement operations when HTML entities are detected in the input string
  • Uses efficient regular expression testing before replacement
  • Input is automatically converted to string if it's not already a string
  • Returns the original string unchanged if no HTML entities are found

Important Limitations

  • Limited Entity Support: Only handles 6 specific HTML entities. For additional HTML entities, the documentation recommends using a third-party library like he
  • Security Note: This function should be used carefully when dealing with user input, as it converts escaped HTML back to potentially executable code
  • No Validation: Does not validate that the resulting unescaped content is safe or well-formed HTML

Error Handling

The unescape function is designed to handle various input types gracefully:

  • Strings: Processed normally
  • null/undefined: Converted to empty string
  • Numbers/Booleans: Converted to string representation
  • Objects: Converted to string using JavaScript's standard conversion

No exceptions are thrown under normal circumstances.