he.1 3.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778
  1. .Dd April 5, 2016
  2. .Dt he 1
  3. .Sh NAME
  4. .Nm he
  5. .Nd encode/decode HTML entities just like a browser would
  6. .Sh SYNOPSIS
  7. .Nm
  8. .Op Fl -escape Ar string
  9. .br
  10. .Op Fl -encode Ar string
  11. .br
  12. .Op Fl -encode Fl -use-named-refs Fl -everything Fl -allow-unsafe Ar string
  13. .br
  14. .Op Fl -decode Ar string
  15. .br
  16. .Op Fl -decode Fl -attribute Ar string
  17. .br
  18. .Op Fl -decode Fl -strict Ar string
  19. .br
  20. .Op Fl v | -version
  21. .br
  22. .Op Fl h | -help
  23. .Sh DESCRIPTION
  24. .Nm
  25. encodes/decodes HTML entities in strings just like a browser would.
  26. .Sh OPTIONS
  27. .Bl -ohang -offset
  28. .It Sy "--escape"
  29. Take a string of text and escape it for use in text contexts in XML or HTML documents. Only the following characters are escaped: `&`, `<`, `>`, `"`, and `'`.
  30. .It Sy "--encode"
  31. Take a string of text and encode any symbols that aren't printable ASCII symbols and that can be replaced with character references. For example, it would turn `©` into `&#xA9;`, but it wouldn't turn `+` into `&#x2B;` since there is no point in doing so. Additionally, it replaces any remaining non-ASCII symbols with a hexadecimal escape sequence (e.g. `&#x1D306;`). The return value of this function is always valid HTML.
  32. .It Sy "--encode --use-named-refs"
  33. Enable the use of named character references (like `&copy;`) in the output. If compatibility with older browsers is a concern, don't use this option.
  34. .It Sy "--encode --everything"
  35. Encode every symbol in the input string, even safe printable ASCII symbols.
  36. .It Sy "--encode --allow-unsafe"
  37. Encode non-ASCII characters only. This leaves unsafe HTML/XML symbols like `&`, `<`, `>`, `"`, and `'` intact.
  38. .It Sy "--encode --decimal"
  39. Use decimal digits rather than hexadecimal digits for encoded character references, e.g. output `&#169;` instead of `&#xA9;`.
  40. .It Sy "--decode"
  41. Takes a string of HTML and decode any named and numerical character references in it using the algorithm described in the HTML spec.
  42. .It Sy "--decode --attribute"
  43. Parse the input as if it was an HTML attribute value rather than a string in an HTML text content.
  44. .It Sy "--decode --strict"
  45. Throw an error if an invalid character reference is encountered.
  46. .It Sy "-v, --version"
  47. Print he's version.
  48. .It Sy "-h, --help"
  49. Show the help screen.
  50. .El
  51. .Sh EXIT STATUS
  52. The
  53. .Nm he
  54. utility exits with one of the following values:
  55. .Pp
  56. .Bl -tag -width flag -compact
  57. .It Li 0
  58. .Nm
  59. did what it was instructed to do successfully; either it encoded/decoded the input and printed the result, or it printed the version or usage message.
  60. .It Li 1
  61. .Nm
  62. encountered an error.
  63. .El
  64. .Sh EXAMPLES
  65. .Bl -ohang -offset
  66. .It Sy "he --escape '<script>alert(1)</script>'"
  67. Print an escaped version of the given string that is safe for use in HTML text contexts, escaping only `&`, `<`, `>`, `"`, and `'`.
  68. .It Sy "he --decode '&copy;&#x1D306;'"
  69. Print the decoded version of the given HTML string.
  70. .It Sy "echo\ '&copy;&#x1D306;'\ |\ he --decode"
  71. Print the decoded version of the HTML string that gets piped in.
  72. .El
  73. .Sh BUGS
  74. he's bug tracker is located at <https://github.com/mathiasbynens/he/issues>.
  75. .Sh AUTHOR
  76. Mathias Bynens <https://mathiasbynens.be/>
  77. .Sh WWW
  78. <https://mths.be/he>