General Commands Manual

NAME¶

he — encode/decode HTML entities just like a browser would

SYNOPSIS¶

`he`	[`--escape` `string`] [`--encode` `string`] [`--encode` `--use-named-refs` `--everything` `--allow-unsafe` `string`] [`--decode` `string`] [`--decode` `--attribute` `string`] [`--decode` `--strict` `string`] [`-v` \| `--version`] [`-h` \| `--help`]

DESCRIPTION¶

he encodes/decodes HTML entities in strings just like a browser would.

OPTIONS¶

--escape: Take a string of text and escape it for use in text contexts in XML or HTML documents. Only the following characters are escaped: `&`, `<`, `>`, `"`, and `'`.
--encode: Take a string of text and encode any symbols that aren't printable ASCII symbols and that can be replaced with character references. For example, it would turn `©` into `©`, but it wouldn't turn `+` into `+` since there is no point in doing so. Additionally, it replaces any remaining non-ASCII symbols with a hexadecimal escape sequence (e.g. `𝌆`). The return value of this function is always valid HTML.
--encode --use-named-refs: Enable the use of named character references (like `©`) in the output. If compatibility with older browsers is a concern, don't use this option.
--encode --everything: Encode every symbol in the input string, even safe printable ASCII symbols.
--encode --allow-unsafe: Encode non-ASCII characters only. This leaves unsafe HTML/XML symbols like `&`, `<`, `>`, `"`, and `'` intact.
--encode --decimal: Use decimal digits rather than hexadecimal digits for encoded character references, e.g. output `©` instead of `©`.
--decode: Takes a string of HTML and decode any named and numerical character references in it using the algorithm described in the HTML spec.
--decode --attribute: Parse the input as if it was an HTML attribute value rather than a string in an HTML text content.
--decode --strict: Throw an error if an invalid character reference is encountered.
-v, --version: Print he's version.
-h, --help: Show the help screen.

EXIT STATUS¶

The he utility exits with one of the following values:

0: he did what it was instructed to do successfully; either it encoded/decoded the input and printed the result, or it printed the version or usage message.
1: he encountered an error.

EXAMPLES¶

he --escape '<script>alert(1)</script>': Print an escaped version of the given string that is safe for use in HTML text contexts, escaping only `&`, `<`, `>`, `"`, and `'`.
he --decode '©𝌆': Print the decoded version of the given HTML string.
echo '©𝌆' | he --decode: Print the decoded version of the HTML string that gets piped in.

BUGS¶

he's bug tracker is located at <https://github.com/mathiasbynens/he/issues>.

AUTHOR¶

Mathias Bynens <https://mathiasbynens.be/>

WWW¶

<https://mths.be/he>

April 5, 2016

Source file:	he.1.en.gz (from node-he 1.2.0-4)
Source last updated:	2022-07-02T09:31:00Z
Converted to HTML:	2023-06-10T23:46:13Z