From: helge Date: Mon, 28 Mar 2005 15:07:40 +0000 (+0000) Subject: added NSString category for JS escaping X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=64a4758d3150e2aed3439b27cc765466e7808e9b;p=sope added NSString category for JS escaping git-svn-id: http://svn.opengroupware.org/SOPE/trunk@703 e4a50df8-12e2-0310-a44c-efbce7f8a7e3 --- diff --git a/sope-appserver/NGObjWeb/ChangeLog b/sope-appserver/NGObjWeb/ChangeLog index 9318fdff..f5fc7694 100644 --- a/sope-appserver/NGObjWeb/ChangeLog +++ b/sope-appserver/NGObjWeb/ChangeLog @@ -1,3 +1,7 @@ +2005-03-28 Stephane Corthesy + + * added NSString category NSString+JavaScriptEscaping (v4.5.145) + 2005-03-28 Helge Hess * WOComponentDefinition.m: moved WONoContentElement and diff --git a/sope-appserver/NGObjWeb/GNUmakefile b/sope-appserver/NGObjWeb/GNUmakefile index 5c2fc768..cd9572c7 100644 --- a/sope-appserver/NGObjWeb/GNUmakefile +++ b/sope-appserver/NGObjWeb/GNUmakefile @@ -70,6 +70,7 @@ libNGObjWeb_HEADER_FILES = \ WOPageGenerationContext.h \ WOElementTrackingContext.h \ WOComponentDefinition.h \ + NSString+JavaScriptEscaping.h \ NGObjWebCore_OBJC_FILES = \ NSObject+WO.m \ @@ -125,6 +126,7 @@ libNGObjWeb_OBJC_FILES = \ WOServerSessionStore.m \ WOSimpleHTTPParser.m \ WOStats.m \ + NSString+JavaScriptEscaping.m \ ifeq ($(FOUNDATION_LIB),apple) libNGObjWeb_OBJC_FILES += WOWatchDogApplicationMainOSX.m diff --git a/sope-appserver/NGObjWeb/NGObjWeb/NGObjWeb.h b/sope-appserver/NGObjWeb/NGObjWeb/NGObjWeb.h index 095496f7..61cf7642 100644 --- a/sope-appserver/NGObjWeb/NGObjWeb/NGObjWeb.h +++ b/sope-appserver/NGObjWeb/NGObjWeb/NGObjWeb.h @@ -49,6 +49,7 @@ #include #include +#include // kit class diff --git a/sope-appserver/NGObjWeb/NGObjWeb/NSString+JavaScriptEscaping.h b/sope-appserver/NGObjWeb/NGObjWeb/NSString+JavaScriptEscaping.h new file mode 100644 index 00000000..46ef6ea9 --- /dev/null +++ b/sope-appserver/NGObjWeb/NGObjWeb/NSString+JavaScriptEscaping.h @@ -0,0 +1,40 @@ +/* + Copyright (C) 2000-2005 SKYRIX Software AG + + This file is part of SOPE. + + SOPE is free software; you can redistribute it and/or modify it under + the terms of the GNU Lesser General Public License as published by the + Free Software Foundation; either version 2, or (at your option) any + later version. + + SOPE is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or + FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with SOPE; see the file COPYING. If not, write to the + Free Software Foundation, 59 Temple Place - Suite 330, Boston, MA + 02111-1307, USA. +*/ + +#ifndef __NGObjWeb_NSString_JavaScriptEscaping_H__ +#define __NGObjWeb_NSString_JavaScriptEscaping_H__ + +#import + +/* + Escape a string according to JavaScript escaping rules. + + For more information about JS escaping: + http://www.web-developer-india.com/web/jscript/ch02_05.html +*/ + +@interface NSString(JavaScriptEscaping) + +- (NSString *)stringByApplyingJavaScriptEscaping; + +@end + +#endif /* __NGObjWeb_NSString_JavaScriptEscaping_H__ */ diff --git a/sope-appserver/NGObjWeb/NSString+JavaScriptEscaping.m b/sope-appserver/NGObjWeb/NSString+JavaScriptEscaping.m new file mode 100644 index 00000000..31bd1b9f --- /dev/null +++ b/sope-appserver/NGObjWeb/NSString+JavaScriptEscaping.m @@ -0,0 +1,143 @@ +/* + Copyright (C) 2000-2005 SKYRIX Software AG + + This file is part of SOPE. + + SOPE is free software; you can redistribute it and/or modify it under + the terms of the GNU Lesser General Public License as published by the + Free Software Foundation; either version 2, or (at your option) any + later version. + + SOPE is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or + FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with SOPE; see the file COPYING. If not, write to the + Free Software Foundation, 59 Temple Place - Suite 330, Boston, MA + 02111-1307, USA. +*/ + +#include +#include "common.h" + +@implementation NSString(JavascriptEscaping) + +static inline unichar HEX_NIBBLE(unichar v) { + return (v > 9) ? (v - 10 + 'a') : (v + '0'); +} + +- (NSString *)stringByApplyingJavaScriptEscaping { + /* Replaces \b, \f, \n, \r, \t, ', " by \-escaped sequences. + Replaces non-ASCII characters by either \xXX escape sequences, + when character is in ISOLatin1, or \uXXXX escape sequences. + Result string can be used safely as a Javascript string value. + */ + NSString *javascriptEscapedString = self; + unsigned additionalCharCount = 0; + unsigned length = [self length]; + int i, firstEscapedCharIndex = -1, lastEscapedCharIndex = length; + + for(i = length - 1; i >= 0; i -=1) { + unichar aChar = [self characterAtIndex:i]; + + if (aChar > 255) { + additionalCharCount += 5; // \uXXXX + firstEscapedCharIndex = i; + } + else if (aChar > 127) { + additionalCharCount += 3; // \xXX + firstEscapedCharIndex = i; + } + else if (aChar == '\b' || aChar == '\f' || aChar == '\n' || + aChar == '\r' || + aChar == '\t' || aChar == '\'' || aChar == '"' || aChar == '\\') { + additionalCharCount += 1; + firstEscapedCharIndex = i; + } + if (lastEscapedCharIndex == length && additionalCharCount != 0) + lastEscapedCharIndex = i; + } + + if (additionalCharCount > 0) { + unsigned newLength = length + additionalCharCount; + unichar *newChars = NSZoneMalloc(NSDefaultMallocZone(), + sizeof(unichar) * newLength); + unsigned offset = 0; + + [self getCharacters:newChars range:NSMakeRange(0, firstEscapedCharIndex)]; + for(i = firstEscapedCharIndex; i <= lastEscapedCharIndex; i += 1) { + unichar aChar = [self characterAtIndex:i]; + + if (aChar > 255) { + newChars[i + offset] = '\\'; + newChars[i + offset + 1] = 'u'; + newChars[i + offset + 2] = HEX_NIBBLE((aChar >> 12) & 0x0F); + newChars[i + offset + 3] = HEX_NIBBLE((aChar >> 8) & 0x0F); + newChars[i + offset + 4] = HEX_NIBBLE((aChar >> 4) & 0x0F); + newChars[i + offset + 5] = HEX_NIBBLE( aChar & 0x0F); + offset += 5; + } + else if (aChar > 127) { + newChars[i + offset] = '\\'; + newChars[i + offset + 1] = 'x'; + newChars[i + offset + 2] = HEX_NIBBLE((aChar >> 4) & 0x0F); + newChars[i + offset + 3] = HEX_NIBBLE( aChar & 0x0F); + offset += 3; + } + else if (aChar == '\b') { + newChars[i + offset] = '\\'; + newChars[i + offset + 1] = 'b'; + offset += 1; + } + else if (aChar == '\f') { + newChars[i + offset] = '\\'; + newChars[i + offset + 1] = 'f'; + offset += 1; + } + else if (aChar == '\n') { + newChars[i + offset] = '\\'; + newChars[i + offset + 1] = 'n'; + offset += 1; + } + else if (aChar == '\r') { + newChars[i + offset] = '\\'; + newChars[i + offset + 1] = 'r'; + offset += 1; + } + else if (aChar == '\t') { + newChars[i + offset] = '\\'; + newChars[i + offset + 1] = 't'; + offset += 1; + } + else if (aChar == '\'') { + newChars[i + offset] = '\\'; + newChars[i + offset + 1] = '\''; + offset += 1; + } + else if (aChar == '"') { + newChars[i + offset] = '\\'; + newChars[i + offset + 1] = '"'; + offset += 1; + } + else if (aChar == '\\') { + newChars[i + offset] = '\\'; + newChars[i + offset + 1] = '\\'; + offset += 1; + } + else + newChars[i + offset] = aChar; + } + if (lastEscapedCharIndex < length) + [self getCharacters:(newChars + offset + lastEscapedCharIndex + 1) + range:NSMakeRange(lastEscapedCharIndex + 1, + length - lastEscapedCharIndex - 1)]; + javascriptEscapedString = [NSString stringWithCharacters:newChars + length:newLength]; + } + + return javascriptEscapedString; +} + +@end /* NSString(JavascriptEscaping) */ diff --git a/sope-appserver/NGObjWeb/Version b/sope-appserver/NGObjWeb/Version index 7a1a2673..6deb9f8e 100644 --- a/sope-appserver/NGObjWeb/Version +++ b/sope-appserver/NGObjWeb/Version @@ -1,6 +1,6 @@ # version file -SUBMINOR_VERSION:=144 +SUBMINOR_VERSION:=145 # v4.5.122 requires libNGExtensions v4.5.153 # v4.5.91 requires libNGExtensions v4.5.134