/** * Loads assumed-safe content from a Java resource. * * <p>This performs ZERO VALIDATION of the data, and takes you on your word that the input is * valid. We assume that resources should be safe because they are part of the binary, and * therefore not attacker controlled, unless the source code is compromised (in which there's * nothing we can do). * * @param resourceName The name of the resource to be found using {@linkplain * Thread#getContextClassLoader() context class loader}. * @param charset The character set to use, usually Charsets.UTF_8. * @param kind The content kind of the resource. */ public static SanitizedContent fromResource( String resourceName, Charset charset, ContentKind kind) throws IOException { pretendValidateResource(resourceName, kind); return SanitizedContent.create( Resources.toString(Resources.getResource(resourceName), charset), kind, // Text resources are usually localized, so one might think that the locale direction should // be assumed for them. We do not do that because: // - We do not know the locale direction here. // - Some messages do not get translated. // - This method currently can't be used for text resources (see pretendValidateResource()). kind.getDefaultDir()); }
/** * Loads assumed-safe content from a Java resource. * * <p>This performs ZERO VALIDATION of the data, and takes you on your word that the input is * valid. We assume that resources should be safe because they are part of the binary, and * therefore not attacker controlled, unless the source code is compromised (in which there's * nothing we can do). * * @param contextClass Class relative to which to load the resource. * @param resourceName The name of the resource, relative to the context class. * @param charset The character set to use, usually Charsets.UTF_8. * @param kind The content kind of the resource. */ public static SanitizedContent fromResource( Class<?> contextClass, String resourceName, Charset charset, ContentKind kind) throws IOException { pretendValidateResource(resourceName, kind); return SanitizedContent.create( Resources.toString(Resources.getResource(contextClass, resourceName), charset), kind, // Text resources are usually localized, so one might think that the locale direction should // be assumed for them. We do not do that because: // - We do not know the locale direction here. // - Some messages do not get translated. // - This method currently can't be used for text resources (see pretendValidateResource()). kind.getDefaultDir()); }
/** * Loads assumed-safe content from a Java resource. * * <p>This performs ZERO VALIDATION of the data, and takes you on your word that the input is * valid. We assume that resources should be safe because they are part of the binary, and * therefore not attacker controlled, unless the source code is compromised (in which there's * nothing we can do). * * @param resourceName The name of the resource to be found using {@linkplain * Thread#getContextClassLoader() context class loader}. * @param charset The character set to use, usually Charsets.UTF_8. * @param kind The content kind of the resource. */ public static SanitizedContent fromResource( String resourceName, Charset charset, ContentKind kind) throws IOException { pretendValidateResource(resourceName, kind); return SanitizedContent.create( Resources.toString(Resources.getResource(resourceName), charset), kind, // Text resources are usually localized, so one might think that the locale direction should // be assumed for them. We do not do that because: // - We do not know the locale direction here. // - Some messages do not get translated. // - This method currently can't be used for text resources (see pretendValidateResource()). kind.getDefaultDir()); }
/** * Loads assumed-safe content from a Java resource. * * <p>This performs ZERO VALIDATION of the data, and takes you on your word that the input is * valid. We assume that resources should be safe because they are part of the binary, and * therefore not attacker controlled, unless the source code is compromised (in which there's * nothing we can do). * * @param contextClass Class relative to which to load the resource. * @param resourceName The name of the resource, relative to the context class. * @param charset The character set to use, usually Charsets.UTF_8. * @param kind The content kind of the resource. */ public static SanitizedContent fromResource( Class<?> contextClass, String resourceName, Charset charset, ContentKind kind) throws IOException { pretendValidateResource(resourceName, kind); return SanitizedContent.create( Resources.toString(Resources.getResource(contextClass, resourceName), charset), kind, // Text resources are usually localized, so one might think that the locale direction should // be assumed for them. We do not do that because: // - We do not know the locale direction here. // - Some messages do not get translated. // - This method currently can't be used for text resources (see pretendValidateResource()). kind.getDefaultDir()); }
CompiledMethodBody compile( RenderUnitNode node, ExtraCodeCompiler prefix, ExtraCodeCompiler suffix) { List<Statement> statements = new ArrayList<>(); // Tag the content with the kind if (node.getContentKind() != null) { statements.add( appendableExpression .setSanitizedContentKind(node.getContentKind()) .setSanitizedContentDirectionality( ContentKind.valueOf(node.getContentKind().name()).getDefaultDir()) .toStatement()); } statements.add(prefix.compile(exprCompiler, appendableExpression)); statements.add(visitChildrenInNewScope(node)); statements.add(suffix.compile(exprCompiler, appendableExpression)); statements.add( // needs to go at the beginning but can only be generated after the whole method body. 0, detachState.generateReattachTable()); return CompiledMethodBody.create( Statement.concat(statements), detachState.getNumberOfDetaches()); }
CompiledMethodBody compile(RenderUnitNode node) { Statement templateBody = visitChildrenInNewScope(node); // Tag the content with the kind if (node.getContentKind() != null) { templateBody = Statement.concat( appendableExpression.setSanitizedContentKind(node.getContentKind()).toStatement(), appendableExpression .setSanitizedContentDirectionality( ContentKind.valueOf(node.getContentKind().name()).getDefaultDir()) .toStatement(), templateBody); } Statement jumpTable = detachState.generateReattachTable(); return CompiledMethodBody.create( Statement.concat(jumpTable, templateBody), detachState.getNumberOfDetaches()); }
/** * Faithfully assumes the provided value is "safe" and marks it not to be re-escaped. The value's * direction is assumed to be LTR for JS, URI, ATTRIBUTES, and CSS content, and otherwise unknown. * * <p>When you "ordain" a string as safe content, it means that Soy will NOT re-escape or validate * the contents if printed in the relevant context. You can use this to insert known-safe HTML * into a template via a parameter. * * <p>This doesn't do a lot of strict checking, but makes it easier to differentiate safe * constants in your code. */ public static SanitizedContent ordainAsSafe(String value, ContentKind kind) { return ordainAsSafe(value, kind, kind.getDefaultDir()); }
private UnsanitizedString(String content) { super(content, ContentKind.TEXT, ContentKind.TEXT.getDefaultDir()); }
/** * Faithfully assumes the provided value is "safe" and marks it not to be re-escaped. The value's * direction is assumed to be LTR for JS, URI, ATTRIBUTES, and CSS content, and otherwise unknown. * * <p>When you "ordain" a string as safe content, it means that Soy will NOT re-escape or validate * the contents if printed in the relevant context. You can use this to insert known-safe HTML * into a template via a parameter. * * <p>This doesn't do a lot of strict checking, but makes it easier to differentiate safe * constants in your code. */ public static SanitizedContent ordainAsSafe(String value, ContentKind kind) { return ordainAsSafe(value, kind, kind.getDefaultDir()); }
/** Creates a SanitizedContent object with default direction. */ static SanitizedContent create(String content, ContentKind kind) { return new ConstantContent(content, kind, kind.getDefaultDir()); }
/** Creates a SanitizedContent that wraps the given thunk. */ public static SanitizedContent forThunk(RenderableThunk value, ContentKind kind) { return SanitizedContent.createLazy(value, kind, kind.getDefaultDir()); }
/** Creates a SanitizedContent object with default direction. */ static SanitizedCompatString create(String content, ContentKind kind) { return new SanitizedCompatString(content, kind, kind.getDefaultDir()); } }
/** Creates a SanitizedContent object with default direction. */ static SanitizedContent create(String content, ContentKind kind) { checkArgument( kind != ContentKind.TEXT, "Use UnsanitizedString for SanitizedContent with a kind of TEXT"); if (Flags.stringIsNotSanitizedContent()) { return new SanitizedContent(content, kind, kind.getDefaultDir()); } return SanitizedCompatString.create(content, kind, kind.getDefaultDir()); }