/**
 * Escapes the supplied text so that it can be placed in XML output.
 * <p>
 * This is the single-argument convenience form: it delegates to
 * {@link #xml(String, String)} with {@code null} as the substitute for
 * missing content, so callers that write the result into markup must be
 * prepared for a {@code null} return.
 *
 * @param content The text to escape; may be {@code null}
 *
 * @return The escaped text, or {@code null} when {@code content} was
 *         {@code null}
 */
public static String xml(String content) {
    // No replacement value is supplied for null content.
    final String ifNull = null;
    return xml(ifNull, content);
}
/**
 * Renders an arbitrary object as text via {@link Object#toString()} and
 * escapes that text for use as HTML element content.
 * <p>
 * Three outcomes are possible, and callers that write the result into a
 * page need to handle each of them:
 * <ul>
 * <li>{@code obj} is {@code null}: the placeholder {@code "?"} is
 *     returned;</li>
 * <li>conversion and escaping succeed: the escaped text is returned;</li>
 * <li>{@code toString()} or the escaping step throws an
 *     {@link Exception}: the exception is swallowed and {@code null} is
 *     returned.</li>
 * </ul>
 *
 * @param obj The object to convert to a String and then escape
 *
 * @return The escaped content, {@code "?"} if {@code obj} is
 *         {@code null}, or {@code null} if the conversion or escaping
 *         threw an exception
 */
public static String htmlElementContent(Object obj) {
    if (obj != null) {
        try {
            // toString() is arbitrary object code, so it sits inside the
            // try block together with the escaping call.
            final String text = obj.toString();
            return htmlElementContent(text);
        } catch (Exception e) {
            // Best effort: a failing toString() must not break rendering.
            return null;
        }
    }
    return "?";
}
/**
 * Applies the named output encoding to a value.
 * <p>
 * The encoding name is matched case-insensitively:
 * <ul>
 * <li>{@code "url"}: the value is encoded with
 *     {@code URLEncoder.DEFAULT} using UTF-8;</li>
 * <li>{@code "none"}: the value is returned exactly as supplied, with no
 *     escaping at all, so it is only appropriate when the caller has
 *     already made the value safe for the output context;</li>
 * <li>{@code "entity"}: the value is escaped with
 *     {@code Escape.htmlElementContent}.</li>
 * </ul>
 *
 * @param value    The text to encode
 * @param encoding The encoding name; must not be {@code null}
 *
 * @return The encoded value
 *
 * @throws IllegalArgumentException if {@code encoding} is not one of the
 *         three recognised names
 */
protected String encode(String value, String encoding) {
    if (encoding.equalsIgnoreCase("url")) {
        return URLEncoder.DEFAULT.encode(value, StandardCharsets.UTF_8);
    }
    if (encoding.equalsIgnoreCase("none")) {
        // Pass-through: nothing is escaped on this path.
        return value;
    }
    if (encoding.equalsIgnoreCase("entity")) {
        return Escape.htmlElementContent(value);
    }
    // Fail closed on an unrecognised name instead of emitting the raw value.
    throw new IllegalArgumentException("Unknown encoding: " + encoding);
}
/**
 * Escapes the supplied text so that it can be placed in XML output,
 * substituting a caller-chosen value when there is no content.
 * <p>
 * Delegates to the three-argument overload with {@code false} as the
 * middle argument.
 * NOTE(review): that flag presumably selects additional CR/LF escaping;
 * confirm against the three-argument overload, which is not shown here.
 *
 * @param ifNull  The value to return if {@code content} is {@code null}
 * @param content The text to escape
 *
 * @return The escaped text, or the value of {@code ifNull} if
 *         {@code content} was {@code null}
 */
public static String xml(String ifNull, String content) {
    final boolean flag = false;
    return xml(ifNull, flag, content);
}
/**
 * Applies the named output encoding to a value.
 * <p>
 * The encoding name is matched case-insensitively:
 * <ul>
 * <li>{@code "url"}: the value is encoded with
 *     {@code URLEncoder.DEFAULT} using UTF-8;</li>
 * <li>{@code "none"}: the value is returned exactly as supplied, with no
 *     escaping at all, so it is only appropriate when the caller has
 *     already made the value safe for the output context;</li>
 * <li>{@code "entity"}: the value is escaped with
 *     {@code Escape.htmlElementContent}.</li>
 * </ul>
 *
 * @param value    The text to encode
 * @param encoding The encoding name; must not be {@code null}
 *
 * @return The encoded value
 *
 * @throws IllegalArgumentException if {@code encoding} is not one of the
 *         three recognised names
 */
protected String encode(String value, String encoding) {
    if (encoding.equalsIgnoreCase("url")) {
        return URLEncoder.DEFAULT.encode(value, StandardCharsets.UTF_8);
    }
    if (encoding.equalsIgnoreCase("none")) {
        // Pass-through: nothing is escaped on this path.
        return value;
    }
    if (encoding.equalsIgnoreCase("entity")) {
        return Escape.htmlElementContent(value);
    }
    // Fail closed on an unrecognised name instead of emitting the raw value.
    throw new IllegalArgumentException("Unknown encoding: " + encoding);
}
/**
 * Produces the XML-escaped form of a value that may be written as an
 * expression.
 * <p>
 * When the input both starts with {@code OPEN_EXPR} and ends with
 * {@code CLOSE_EXPR}, its first and last characters are removed before
 * escaping; otherwise the whole input is escaped. In both cases the
 * result passes through {@code Escape.xml}.
 * NOTE(review): exactly one character is trimmed from each end,
 * independent of the lengths of {@code OPEN_EXPR} and
 * {@code CLOSE_EXPR}; confirm that this matches those constants, which
 * are declared outside this excerpt.
 *
 * @param expression The candidate expression; must not be {@code null}
 *
 * @return The XML-escaped text
 */
public static String getExprInXml(String expression) {
    final boolean delimited =
            expression.startsWith(OPEN_EXPR) && expression.endsWith(CLOSE_EXPR);
    final String inner = delimited
            ? expression.substring(1, expression.length() - 1)
            : expression;
    return Escape.xml(inner);
}
writer.print(Escape.htmlElementContent(servletName)); if ((mappings != null) && (mappings.length > 0)) { writer.print(" [ "); for (int i = 0; i < mappings.length; i++) { writer.print(Escape.htmlElementContent(mappings[i])); if (i < mappings.length - 1) { writer.print(" , ");
/**
 * Appends one XML element, followed by a newline, to the builder.
 * <p>
 * A {@code null} value writes nothing, an empty value writes a
 * self-closing tag, and any other value is written as element text.
 * Only {@code value} is passed through {@code Escape.xml}. The
 * {@code indent} and {@code elementName} arguments are appended
 * verbatim, so they must come from trusted, well-formed input.
 *
 * @param sb          The builder that receives the markup
 * @param indent      Text written before the opening tag
 * @param elementName The element name, written unescaped
 * @param value       The element text; {@code null} suppresses the
 *                    element entirely
 */
private static void appendElement(StringBuilder sb, String indent, String elementName, String value) {
    if (value == null) {
        return;
    }
    // Both output shapes share the same prefix: indent + "<name".
    sb.append(indent).append('<').append(elementName);
    if (value.isEmpty()) {
        sb.append("/>\n");
        return;
    }
    sb.append('>').append(Escape.xml(value)).append("</").append(elementName).append(">\n");
}
writer.print(Escape.htmlElementContent(webModuleName)); writer.print("</a>"); if (iterator.hasNext()) {
/**
 * Appends one XML element, followed by a newline, to the builder.
 * <p>
 * A {@code null} value writes nothing, an empty value writes a
 * self-closing tag, and any other value is written as element text.
 * Only {@code value} is passed through {@code Escape.xml}. The
 * {@code indent} and {@code elementName} arguments are appended
 * verbatim, so they must come from trusted, well-formed input.
 *
 * @param sb          The builder that receives the markup
 * @param indent      Text written before the opening tag
 * @param elementName The element name, written unescaped
 * @param value       The element text; {@code null} suppresses the
 *                    element entirely
 */
private static void appendElement(StringBuilder sb, String indent, String elementName, String value) {
    if (value == null) {
        return;
    }
    // Both output shapes share the same prefix: indent + "<name".
    sb.append(indent).append('<').append(elementName);
    if (value.isEmpty()) {
        sb.append("/>\n");
        return;
    }
    sb.append('>').append(Escape.xml(value)).append("</").append(elementName).append(">\n");
}
/**
 * Checks that a context name is usable and reports the problem to the
 * writer when it is not.
 * <p>
 * A name is accepted when it is non-null and its path is either empty or
 * begins with {@code /}. On rejection the
 * {@code managerServlet.invalidPath} message is printed to
 * {@code writer}. The offending path is run through
 * {@code Escape.htmlElementContent} first, so that it is not echoed into
 * the output as raw markup.
 *
 * @param cn     The context name to check; may be {@code null}
 * @param writer Receives the error message when validation fails
 * @param sm     Source of the localised error message
 *
 * @return {@code true} if the name is valid, {@code false} if it was
 *         rejected and a message was written
 */
protected static boolean validateContextName(ContextName cn, PrintWriter writer, StringManager sm) {
    // Stays null when there is no context name at all.
    String escapedPath = null;
    if (cn != null) {
        if (cn.getPath().startsWith("/") || cn.getPath().equals("")) {
            return true;
        }
        // Escape before the value is echoed back in the error message.
        escapedPath = Escape.htmlElementContent(cn.getPath());
    }
    writer.println(sm.getString("managerServlet.invalidPath", escapedPath));
    return false;
}
/**
 * Appends a template-text node to the output.
 * <p>
 * The node text is XML-escaped first. The escaped text is then passed to
 * {@code ELParser.escapeLiteralExpression} together with the
 * {@code isDeferredSyntaxAllowedAsLiteral} setting.
 *
 * @param n The text node being visited
 *
 * @throws JasperException declared by the visitor contract
 */
@Override
public void visit(Text n) throws JasperException {
    final String escapedText = Escape.xml(n.getText());
    output.append(ELParser.escapeLiteralExpression(escapedText, isDeferredSyntaxAllowedAsLiteral));
}
} // closes the enclosing class, whose header is outside this excerpt
writer.print(Escape.htmlElementContent(webModuleName)); writer.print("</a>"); if (iterator.hasNext()) {
sb.append(Escape.xml(username)); sb.append("\""); if (fullName != null) { sb.append(", fullName=\""); sb.append(Escape.xml(fullName)); sb.append("\""); if (groups.size() > 0) { sb.append(", groups=\""); StringUtils.join(groups, ',', (x) -> Escape.xml(x.getGroupname()), sb); sb.append("\""); if (roles.size() > 0) { sb.append(", roles=\""); StringUtils.join(roles, ',', (x) -> Escape.xml(x.getRolename()), sb); sb.append("\"");
/**
 * Checks that a context name is usable and reports the problem to the
 * writer when it is not.
 * <p>
 * A name is accepted when it is non-null and its path is either empty or
 * begins with {@code /}. On rejection the
 * {@code managerServlet.invalidPath} message is printed to
 * {@code writer}. The offending path is run through
 * {@code Escape.htmlElementContent} first, so that it is not echoed into
 * the output as raw markup.
 *
 * @param cn     The context name to check; may be {@code null}
 * @param writer Receives the error message when validation fails
 * @param sm     Source of the localised error message
 *
 * @return {@code true} if the name is valid, {@code false} if it was
 *         rejected and a message was written
 */
protected static boolean validateContextName(ContextName cn, PrintWriter writer, StringManager sm) {
    // Stays null when there is no context name at all.
    String escapedPath = null;
    if (cn != null) {
        if (cn.getPath().startsWith("/") || cn.getPath().equals("")) {
            return true;
        }
        // Escape before the value is echoed back in the error message.
        escapedPath = Escape.htmlElementContent(cn.getPath());
    }
    writer.println(sm.getString("managerServlet.invalidPath", escapedPath));
    return false;
}
sb.append(Escape.xml(username)); sb.append("\""); if (fullName != null) { sb.append(", fullName=\""); sb.append(Escape.xml(fullName)); sb.append("\""); if (groups.size() > 0) { sb.append(", groups=\""); StringUtils.join(groups, ',', (x) -> Escape.xml(x.getGroupname()), sb); sb.append("\""); if (roles.size() > 0) { sb.append(", roles=\""); StringUtils.join(roles, ',', (x) -> Escape.xml(x.getRolename()), sb); sb.append("\"");
/**
 * Reports that the requested JSP could not be found.
 * <p>
 * For a normal request a 404 is sent with the request URI as the
 * message. If the response can no longer accept an error
 * ({@link IllegalStateException}), the failure is logged instead. For an
 * included request a {@code sendError()} would be ignored, so a
 * {@link ServletException} carrying the HTML-escaped "file not found"
 * message is thrown.
 * NOTE(review): the request URI is handed to {@code sendError()}
 * unescaped. Whatever renders the error page is assumed to escape it;
 * confirm for custom error pages.
 *
 * @param request  The current request
 * @param response The current response
 * @param jspUri   The URI of the JSP that is missing
 *
 * @throws ServletException if the missing JSP was reached via an include
 * @throws IOException      if sending the error response fails
 */
private void handleMissingResource(HttpServletRequest request, HttpServletResponse response, String jspUri)
        throws ServletException, IOException {
    final String includeRequestUri =
            (String) request.getAttribute(RequestDispatcher.INCLUDE_REQUEST_URI);

    if (includeRequestUri == null) {
        // Not an include: a regular 404 can be sent.
        try {
            response.sendError(HttpServletResponse.SC_NOT_FOUND, request.getRequestURI());
        } catch (IllegalStateException ise) {
            log.error(Localizer.getMessage("jsp.error.file.not.found", jspUri));
        }
        return;
    }

    // This file was included. Throw an exception, as a
    // response.sendError() would be ignored.
    final String msg = Localizer.getMessage("jsp.error.file.not.found", jspUri);
    // Strictly, filtering this is an application responsibility, but the
    // message is escaped here as defence in depth.
    throw new ServletException(Escape.htmlElementContent(msg));
}
sb.append(Escape.xml(username)); sb.append("\" password=\""); sb.append(Escape.xml(password)); sb.append("\""); if (fullName != null) { sb.append(" fullName=\""); sb.append(Escape.xml(fullName)); sb.append("\""); if (groups.size() > 0) { sb.append(" groups=\""); StringUtils.join(groups, ',', (x) -> Escape.xml(x.getGroupname()), sb); sb.append("\""); if (roles.size() > 0) { sb.append(" roles=\""); StringUtils.join(roles, ',', (x) -> Escape.xml(x.getRolename()), sb); sb.append("\"");
writer.print(Escape.htmlElementContent(servletName)); if ((mappings != null) && (mappings.length > 0)) { writer.print(" [ "); for (int i = 0; i < mappings.length; i++) { writer.print(Escape.htmlElementContent(mappings[i])); if (i < mappings.length - 1) { writer.print(" , ");
/**
 * Writes an EL expression node to the buffer as <code>${...}</code>.
 * <p>
 * The expression text is passed through {@code Escape.xml}. When the
 * node's root is not in XML syntax, the expression is wrapped in a
 * {@code JSP_TEXT_ACTION} element. That element carries an id attribute
 * built from {@code jspIdPrefix} and the running {@code jspId} counter,
 * which is incremented as a side effect. The wrapper pieces are appended
 * without escaping.
 *
 * @param n The EL expression node being visited
 *
 * @throws JasperException declared by the visitor contract
 */
@Override
public void visit(Node.ELExpression n) throws JasperException {
    if (!n.getRoot().isXmlSyntax()) {
        // Opening wrapper with a unique id attribute.
        buf.append("<")
                .append(JSP_TEXT_ACTION)
                .append(" ")
                .append(jspIdPrefix)
                .append(":id=\"")
                .append(jspId++)
                .append("\">");
    }
    buf.append("${").append(Escape.xml(n.getText())).append("}");
    if (!n.getRoot().isXmlSyntax()) {
        buf.append(JSP_TEXT_ACTION_END);
    }
    buf.append("\n");
}