mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Add two new filters: One for theoretically valid URIs, and one for strings being embedded _into_ URIs. Note that the first overrides the Template::Filters version since that version is arguably incorrect.

This commit is contained in:
ian%hixie.ch 2002-09-11 23:11:43 +00:00
Родитель 3d583e763d
Коммит ad095c7804
1 изменённых файлов: 28 добавлений и 1 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

29
webtools/PLIF/PLIF/Service/TemplateToolkit.pm
Просмотреть файл

@ -80,7 +80,7 @@ sub expand {
package PLIF::Service::TemplateToolkit::Context; package PLIF::Service::TemplateToolkit::Context;
use strict; use strict;
use vars qw(@ISA); use vars qw(@ISA $URI_ESCAPES);
@ISA = qw(Template::Context); @ISA = qw(Template::Context);
1; 1;
@ -97,6 +97,8 @@ sub new {
'htmljs' => \&html_js_filter, # for use in strings in JS in HTML <script> blocks 'htmljs' => \&html_js_filter, # for use in strings in JS in HTML <script> blocks
'js' => \&js_filter, # for use in strings in JS 'js' => \&js_filter, # for use in strings in JS
'css' => \&css_filter, # for use in strings in CSS 'css' => \&css_filter, # for use in strings in CSS
'uri' => \&uri_light_filter, # ensuring a theoretically valid URI
'uri_parameter' => \&uri_heavy_filter, # for use in embedding strings into a URI
} }
}); });
if (defined($self)) { if (defined($self)) {
@ -267,3 +269,28 @@ sub css_filter {
$text =~ s/([\\'"])/\\$1/go; # escape backslashes and quotes $text =~ s/([\\'"])/\\$1/go; # escape backslashes and quotes
return $text; return $text;
} }
# This was based on the equivalent function in Template::Filters,
# which was copied from URI::Escape. The changes are that I no longer
# escape the "#" character, but do escape "'", "(" and ")".
sub uri_light_filter {
my $text = shift;
# construct and cache a lookup table for escapes (faster than
# doing a sprintf() for every character in every string each time)
$URI_ESCAPES ||= { map { (chr($_), sprintf("%%%02X", $_)) } (0..255) };
$text =~ s/([^;\/?:@&=+\$,A-Za-z0-9\-_.!~*#])/$URI_ESCAPES->{$1}/g;
$text;
}
# This was based on the equivalent function in Template::Filters,
# which was copied from URI::Escape. The changes are that this escapes
# almost _everything_, making it suitable for escaping text which is
# to be put into URIs, e.g. into parameters.
sub uri_heavy_filter {
my $text = shift;
# construct and cache a lookup table for escapes (faster than
# doing a sprintf() for every character in every string each time)
$URI_ESCAPES ||= { map { (chr($_), sprintf("%%%02X", $_)) } (0..255) };
$text =~ s/([^A-Za-z0-9_.])/$URI_ESCAPES->{$1}/g;
$text;
}