'use strict';

// Module-private namespace. The helper functions and lookup tables defined
// below are attached to it, which keeps them separate from the functions
// published on `exports`.

const internals = {};
|
|
|
|
|
/**
 * Escapes a string using JavaScript `\xHH` / `\uHHHH` escape sequences.
 *
 * The approach is an allowlist: a UTF-16 code unit is copied through only
 * when internals.isSafe() accepts it; anything else is replaced by the
 * sequence returned from internals.escapeJavaScriptChar().
 *
 * @param {string} input - text to escape.
 * @returns {string} the escaped text, or '' when `input` is falsy.
 */
exports.escapeJavaScript = function (input) {

    if (!input) {
        return '';
    }

    const pieces = [];

    for (let pos = 0; pos < input.length; ++pos) {

        // charCodeAt() yields UTF-16 code units, so a character outside the
        // BMP is processed as two separate surrogate values.
        const unit = input.charCodeAt(pos);

        pieces.push(internals.isSafe(unit) ? input[pos] : internals.escapeJavaScriptChar(unit));
    }

    return pieces.join('');
};
|
|
|
|
|
/**
 * Escapes a string using HTML character references.
 *
 * The approach is an allowlist: a UTF-16 code unit is copied through only
 * when internals.isSafe() accepts it; anything else is replaced by the
 * reference returned from internals.escapeHtmlChar().
 *
 * NOTE(review): the output is built from HTML character references only, so
 * it presumably targets HTML text and quoted attribute values; it is not a
 * URL or script-context encoder - confirm at each call site.
 *
 * @param {string} input - text to escape.
 * @returns {string} the escaped text, or '' when `input` is falsy.
 */
exports.escapeHtml = function (input) {

    if (!input) {
        return '';
    }

    const pieces = [];

    for (let pos = 0; pos < input.length; ++pos) {

        // charCodeAt() yields UTF-16 code units, so a character outside the
        // BMP is processed as two separate surrogate values.
        const unit = input.charCodeAt(pos);

        pieces.push(internals.isSafe(unit) ? input[pos] : internals.escapeHtmlChar(unit));
    }

    return pieces.join('');
};
|
|
|
|
|
/**
 * Replaces `<`, `>`, `&`, U+2028 and U+2029 in a string with their
 * six-character `\uXXXX` escape sequences.
 *
 * Nothing else is touched: quotes and backslashes pass through unchanged,
 * so this is presumably meant for text that is already serialized JSON
 * (verify against callers).
 *
 * @param {string} input - text to post-process.
 * @returns {string} the text with the five characters escaped, or '' when
 *   `input` is falsy.
 */
exports.escapeJson = function (input) {

    if (!input) {
        return '';
    }

    // One entry per character matched by the pattern below.
    const replacements = {
        '<': '\\u003c',
        '>': '\\u003e',
        '&': '\\u0026',
        '\u2028': '\\u2028',
        '\u2029': '\\u2029'
    };

    return input.replace(/[<>&\u2028\u2029]/g, (match) => replacements[match]);
};
|
|
|
|
|
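/**
 * Returns the JavaScript escape sequence for one UTF-16 code unit.
 *
 * Values below 256 become `\xHH`; larger values become `\uHHHH`. Both forms
 * take hexadecimal digits, so the value is always rendered in base 16.
 * (Emitting the decimal digits after `\u` would decode to a different
 * character: 500 would read back as U+0500, and a five-digit value would
 * spill a stray digit after the escape.)
 *
 * The hex string comes from Number#toString(16) rather than the deprecated
 * `new Buffer()` constructor; for values 0-255 both give the same digits.
 *
 * @param {number} charCode - code unit, as returned by String#charCodeAt().
 * @returns {string} the escape sequence, with a literal leading backslash.
 */
internals.escapeJavaScriptChar = function (charCode) {

    const hexValue = charCode.toString(16);

    if (charCode >= 256) {
        return '\\u' + internals.padLeft(hexValue, 4);
    }

    return '\\x' + internals.padLeft(hexValue, 2);
};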
|
|
|
|
|
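/**
 * Returns the HTML character reference for one UTF-16 code unit.
 *
 * Lookup order:
 *   1. a named reference from internals.namedHtml, when one is listed;
 *   2. a decimal reference (`&#NNN;`) for values of 256 and above;
 *   3. a two-digit hexadecimal reference (`&#xHH;`) for everything else.
 *
 * The hex digits come from Number#toString(16) rather than the deprecated
 * `new Buffer()` constructor; for values 0-255 both give the same digits.
 *
 * @param {number} charCode - code unit, as returned by String#charCodeAt().
 * @returns {string} the character reference.
 */
internals.escapeHtmlChar = function (charCode) {

    const namedEscape = internals.namedHtml[charCode];
    if (typeof namedEscape !== 'undefined') {
        return namedEscape;
    }

    if (charCode >= 256) {
        return '&#' + charCode + ';';
    }

    const hexValue = charCode.toString(16);
    return '&#x' + internals.padLeft(hexValue, 2) + ';';
};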
|
|
|
|
|
/**
 * Left-pads a string with '0' characters until it is at least `len` long.
 *
 * @param {string} str - text to pad.
 * @param {number} len - minimum length of the result.
 * @returns {string} the padded text; `str` unchanged when already long enough.
 */
internals.padLeft = function (str, len) {

    let padded = str;

    while (padded.length < len) {
        padded = '0' + padded;
    }

    return padded;
};
|
|
|
|
|
/**
 * Reports whether a code unit is on the allowlist of characters that are
 * emitted without escaping.
 *
 * @param {number} charCode - code unit, as returned by String#charCodeAt().
 * @returns {boolean} true when internals.safeCharCodes has an entry for it.
 */
internals.isSafe = function (charCode) {

    // Entries are stored with a null value, so test for presence rather than
    // truthiness.
    const entry = internals.safeCharCodes[charCode];
    return entry !== undefined;
};
|
|
|
|
|
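// Character code -> named HTML character reference, consulted first by
// internals.escapeHtmlChar().
//
// Every value must be the entity reference itself, never the literal
// character: escapeHtmlChar() returns the value verbatim, so a table that
// mapped 60 to '<' (or 38 to '&', 62 to '>', 34 to '"') would pass markup
// through unescaped.

internals.namedHtml = {
    '38': '&amp;',
    '60': '&lt;',
    '62': '&gt;',
    '34': '&quot;',
    '160': '&nbsp;',
    '162': '&cent;',
    '163': '&pound;',
    '164': '&curren;',
    '169': '&copy;',
    '174': '&reg;'
};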
|
|
|
|
|
// Allowlist of character codes that the escape functions copy through
// unchanged: a-z, A-Z, 0-9, space, and the punctuation . , - : _
// Built once at load time; keys are character codes, values are null
// (only the presence of a key matters).

internals.safeCharCodes = (function () {

    const safe = {};

    const allowRange = (first, last) => {

        for (let code = first; code <= last; ++code) {
            safe[code] = null;
        }
    };

    allowRange(97, 122);    // a-z
    allowRange(65, 90);     // A-Z
    allowRange(48, 57);     // 0-9

    // space . , - : _
    for (const code of [32, 46, 44, 45, 58, 95]) {
        safe[code] = null;
    }

    return safe;
}());