root
/
spring-framework
mirror of https://github.com/spring-projects/spring-framework.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

HtmlUtils properly escapes single quotes as well

This commit is contained in:
Juergen Hoeller 2011-07-27 20:35:41 +00:00
parent 9347ac358c
commit 38837eddfd
3 changed files with 24 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
org.springframework.web/src/main/java/org/springframework/web/util/HtmlCharacterEntityReferences.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2005 the original author or authors.
* Copyright 2002-2011 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -38,6 +38,8 @@ import org.springframework.util.Assert;
*/
class HtmlCharacterEntityReferences {
private static final String PROPERTIES_FILE = "HtmlCharacterEntityReferences.properties";
static final char REFERENCE_START = '&';
static final String DECIMAL_REFERENCE_START = "&#";
@ -49,12 +51,9 @@ class HtmlCharacterEntityReferences {
static final char CHAR_NULL = (char) -1;
private static final String PROPERTIES_FILE = "HtmlCharacterEntityReferences.properties";
private final String[] characterToEntityReferenceMap = new String[3000];
private final Map entityReferenceToCharacterMap = new HashMap(252);
private final Map<String, Character> entityReferenceToCharacterMap = new HashMap<String, Character>(252);
/**
@ -63,7 +62,7 @@ class HtmlCharacterEntityReferences {
public HtmlCharacterEntityReferences() {
Properties entityReferences = new Properties();
// Load refeence definition file.
// Load reference definition file
InputStream is = HtmlCharacterEntityReferences.class.getResourceAsStream(PROPERTIES_FILE);
if (is == null) {
throw new IllegalStateException(
@ -82,7 +81,7 @@ class HtmlCharacterEntityReferences {
"Failed to parse reference definition file [HtmlCharacterEntityReferences.properties]: " + ex.getMessage());
}
// Parse reference definition properites.
// Parse reference definition properties
Enumeration keys = entityReferences.propertyNames();
while (keys.hasMoreElements()) {
String key = (String) keys.nextElement();
@ -96,6 +95,7 @@ class HtmlCharacterEntityReferences {
}
}
/**
* Return the number of supported entity references.
*/
@ -128,7 +128,7 @@ class HtmlCharacterEntityReferences {
* Return the char mapped to the given entityReference or -1.
*/
public char convertToCharacter(String entityReference) {
Character referredCharacter = (Character) this.entityReferenceToCharacterMap.get(entityReference);
Character referredCharacter = this.entityReferenceToCharacterMap.get(entityReference);
if (referredCharacter != null) {
return referredCharacter.charValue();
}

5
org.springframework.web/src/main/resources/org/springframework/web/util/HtmlCharacterEntityReferences.properties
View File

@ -2,7 +2,6 @@
# A complete description of the HTML 4.0 character set can be found at:
# http://www.w3.org/TR/html4/charset.html
# Character entity references for ISO 8859-1 characters
160 = nbsp
@ -102,7 +101,6 @@
254 = thorn
255 = yuml
# Character entity references for symbols, mathematical symbols, and Greek letters
402 = fnof
@ -230,11 +228,11 @@
9829 = hearts
9830 = diams
# Character entity references for markup-significant and internationalization characters
34 = quot
38 = amp
39 = #39
60 = lt
62 = gt
338 = OElig
@ -265,4 +263,3 @@
8249 = lsaquo
8250 = rsaquo
8364 = euro

24
org.springframework.web/src/test/java/org/springframework/web/util/HtmlUtilsTests.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2007 the original author or authors.
* Copyright 2002-2011 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -16,31 +16,36 @@
package org.springframework.web.util;
import junit.framework.TestCase;
import org.junit.Test;
import static org.junit.Assert.*;
/**
* @author Alef Arendsen
* @author Martin Kersten
* @author Rick Evans
*/
public class HtmlUtilsTests extends TestCase {
public class HtmlUtilsTests {
@Test
public void testHtmlEscape() {
String unescaped = "\"This is a quote";
String unescaped = "\"This is a quote'";
String escaped = HtmlUtils.htmlEscape(unescaped);
assertEquals("&quot;This is a quote", escaped);
assertEquals("&quot;This is a quote&#39;", escaped);
escaped = HtmlUtils.htmlEscapeDecimal(unescaped);
assertEquals("&#34;This is a quote", escaped);
assertEquals("&#34;This is a quote&#39;", escaped);
escaped = HtmlUtils.htmlEscapeHex(unescaped);
assertEquals("&#x22;This is a quote", escaped);
assertEquals("&#x22;This is a quote&#x27;", escaped);
}
@Test
public void testHtmlUnescape() {
String escaped = "&quot;This is a quote";
String escaped = "&quot;This is a quote&#39;";
String unescaped = HtmlUtils.htmlUnescape(escaped);
assertEquals(unescaped, "\"This is a quote");
assertEquals(unescaped, "\"This is a quote'");
}
@Test
public void testEncodeIntoHtmlCharacterSet() {
assertNull("A null string should be converted to a null string",
HtmlUtils.htmlEscape(null));
@ -66,6 +71,7 @@ public class HtmlUtilsTests extends TestCase {
"&#977;", HtmlUtils.htmlEscapeDecimal("" + (char) 977));
}
@Test
public void testDecodeFromHtmlCharacterSet() {
assertNull("A null string should be converted to a null string",
HtmlUtils.htmlUnescape(null));