private static final void writeAttr(Writer out, String name, String value) throws IOException { out.write(' '); out.write(name); out.write("=\""); out.write(XMLs.encodeAttribute(value)); out.write('"'); }
/** * Internal Use Only. */ private static String escapeParam(String param) { return Strings.escape(XMLs.encodeText(param), Strings.ESCAPE_JAVASCRIPT); }
/** Encodes a string that special characters are quoted to be compatible * with HTML/XML. * For example, < is translated to &lt;. * * & -> &amp;<br/> * < -> &lt;<br/> * > -> &gt;<br/> * " -> &#034;<br/> * ' -> &#039;<br/> * * @param s the string to quote; null is OK * @return the escaped string, or an empty string if s is null */ public static final String escapeXML(String s) { if (s == null) return ""; final StringBuffer sb = new StringBuffer(s.length() + 16); for (int j = 0, len = s.length(); j < len; ++j) { final char cc = s.charAt(j); final String esc = escapeXML(cc); if (esc != null) sb.append(esc); else sb.append(cc); } return s.length() == sb.length() ? s: sb.toString(); } /** Escapes a character into a string if it is a special XML character,
/** * @param hideUuidIfNoId * whether not to generate UUID if possible */ /* package */ String getPrologHalf(boolean hideUuidIfNoId) { final StringBuilder sb = new StringBuilder(128).append('<').append(_tagnm); if ((!hideUuidIfNoId && !shallHideId()) || getId().length() > 0) sb.append(" id=\"").append(getUuid()).append('"'); if (_props != null) { for (Iterator it = _props.entrySet().iterator(); it.hasNext();) { final Map.Entry me = (Map.Entry) it.next(); if (!"textContent".equals(me.getKey())) { // ignore textContent // ZK-3011: should getValue if it's a deferredValue Object v = me.getValue(); if (v instanceof DeferredValue) { v = ((DeferredValue) v).getValue(); } sb.append(' ').append(me.getKey()).append("=\"") .append(XMLs.encodeAttribute(Objects.toString(v))).append('"'); } } } if (!isOrphanTag()) sb.append('/'); sb.append('>'); Object textContent = getDynamicProperty("textContent"); if (textContent != null) sb.append(XMLs.escapeXML((String) textContent)); return sb.toString(); }
data = ("(window.zk&&zk.error?zk.error:alert)('" + XMLs.encodeText(pi) + " not found');") .getBytes("UTF-8"); if (Servlets.isIncluded(request)) log.error("Resource not found: " + Encodes.encodeURI(pi)); response.sendError(HttpServletResponse.SC_NOT_FOUND, XMLs.escapeXML(pi)); return;
private static final void writeAttr(Writer out, String name, String value) throws IOException { out.write(' '); out.write(name); out.write("=\""); out.write(XMLs.encodeAttribute(value)); out.write('"'); } }
/** Render the crawlable text. * If crawlable is not enabled or the text is empty, nothing is generated. * @param text the text that is crawlable. * If null or empty, nothing is generated. * @since 5.0.0 */ public static void renderCrawlableText(String text) throws IOException { if (text != null && text.length() > 0) { final HtmlPageRenders.RenderContext rc = HtmlPageRenders.getRenderContext(null); if (rc != null && rc.crawlable) { final Writer cwout = rc.temp; cwout.write("<div>"); cwout.write(XMLs.encodeText(text)); //encode required since it might not be valid HTML cwout.write("</div>\n"); } } }
replace = " "; else replace = XMLs.escapeXML(cc);
/** Appends an attribute to the string buffer, * if <code>attrValue</code> is not null. */ protected static final void append(StringBuffer sb, String attrName, String attrValue) { if (attrValue != null) sb.append(' ').append(attrName).append("=\"").append(XMLs.encodeAttribute(attrValue)).append('"'); //it might contain " or other special characters }
public void redraw(Writer out) throws IOException { final Execution exec = Executions.getCurrent(); if (!HtmlPageRenders.isDirectContent(exec)) { super.redraw(out); return; } final boolean idRequired = isIdRequired(); if (idRequired) { out.write("<span id=\""); out.write(getUuid()); out.write("\">"); } out.write(_encode ? XMLs.encodeText(_value) : _value); if (idRequired) out.write("</span>"); final TagRenderContext rc = PageRenderer.getTagRenderContext(exec); if (rc != null) { rc.renderBegin(this, getClientEvents(), getSpecialRendererOutput(this), false); rc.renderEnd(this); } }
response.sendError(HttpServletResponse.SC_NOT_FOUND, XMLs.escapeXML(path)); return;
/** Appends an attribute to the string buffer for HTML/XML (name="val"). * If val is null or empty (if String), nothing is generated. * * <p>Note: {@link XMLs#encodeAttribute} is called automatically * to encode val. */ public static final void appendAttribute(StringBuffer sb, String name, String val) { if (val != null && val.length() != 0) sb.append(' ').append(name).append("=\"") .append(XMLs.encodeAttribute(val)).append('"'); } /** Appends an attribute to the string buffer for HTML/XML (name="val").
sid = escapeParam(request.getParameter("sid")); desktop = ((WebAppCtrl) sess.getWebApp()).getDesktopCache(sess) .getDesktop(XMLs.encodeText(request.getParameter("dtid")));
log.error("Not found: " + path); response.sendError(HttpServletResponse.SC_NOT_FOUND, XMLs.escapeXML(path)); return;
/** Appends an attribute to the string buffer for HTML/XML (name="val"). * If emptyIgnored is true and val is null or empty (if String), * nothing is generated. * * <p>Note: {@link XMLs#encodeAttribute} is called automatically * to encode val. * * @param emptyIgnored whether to ignore a null or empty string. * If false, it is always generated (null is generated as "null"). */ public static final void appendAttribute(StringBuffer sb, String name, String val, boolean emptyIgnored) { if (!emptyIgnored || (val != null && val.length() != 0)) sb.append(' ').append(name).append("=\"") .append(val != null ? XMLs.encodeAttribute(val): null) .append('"'); } /** Appends an attribute with a int value to the string buffer for HTML/XML (name="val").
} else { String msg = wapp.getConfiguration().getTimeoutMessage(deviceType); dtid = XMLs.encodeText(dtid); // Fix ZK-1862 security issue if (msg != null && msg.startsWith("label:")) { final String key;