KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > net > myvietnam > mvncore > filter > URLFilter


1 /*
2  * $Header: /cvsroot/mvnforum/myvietnam/src/net/myvietnam/mvncore/filter/URLFilter.java,v 1.14 2006/04/15 02:59:19 minhnn Exp $
3  * $Author: minhnn $
4  * $Revision: 1.14 $
5  * $Date: 2006/04/15 02:59:19 $
6  *
7  * ====================================================================
8  *
9  * Copyright (C) 2002-2006 by MyVietnam.net
10  *
11  * All copyright notices regarding MyVietnam and MyVietnam CoreLib
12  * MUST remain intact in the scripts and source code.
13  *
14  * This library is free software; you can redistribute it and/or
15  * modify it under the terms of the GNU Lesser General Public
16  * License as published by the Free Software Foundation; either
17  * version 2.1 of the License, or (at your option) any later version.
18  *
19  * This library is distributed in the hope that it will be useful,
20  * but WITHOUT ANY WARRANTY; without even the implied warranty of
21  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22  * Lesser General Public License for more details.
23  *
24  * You should have received a copy of the GNU Lesser General Public
25  * License along with this library; if not, write to the Free Software
26  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
27  *
28  * Correspondence and Marketing Questions can be sent to:
29  * info at MyVietnam net
30  *
31  * @author: Anatol Pomozov (aka wassup)
32  * @author: Minh Nguyen
33  */
34 package net.myvietnam.mvncore.filter;
35
36 import net.myvietnam.mvncore.MVNCoreConfig;
37 import net.myvietnam.mvncore.service.EncoderService;
38 import net.myvietnam.mvncore.service.MvnCoreServiceFactory;
39
40 public final class URLFilter {
41
42     static final boolean OPEN_NEW_WINDOW = true;
43     
44     private static EncoderService encoderService = MvnCoreServiceFactory.getMvnCoreService().getEncoderService();
45
46     private URLFilter() { //prevent instantiation
47 }
48
49     /**
50      * NOTE: For security, we should call DisableHtmlTagFilter before call this method
51      * @param input the string to filter
52      * @return the string after being filtered
53      */
54     public static String JavaDoc filter(String JavaDoc input) {
55         if (input == null || input.length() == 0)
56             return input;
57         StringBuffer JavaDoc buf = new StringBuffer JavaDoc(input.length() + 25);
58         char chars[] = input.toCharArray();
59         int len = input.length();
60         int index = -1;
61         int i = 0;
62         int j = 0;
63         int oldend = 0;
64         while (++index < len) {
65             char cur = chars[i = index];
66             j = -1;
67             if ((cur == 'f' && index < len - 6 && chars[++i] == 't' && chars[++i] == 'p' ||
68                  cur == 'h' && (i = index) < len - 7 && chars[++i] == 't' && chars[++i] == 't' && chars[++i] == 'p' && (chars[++i] == 's' || chars[--i] == 'p'))
69                  && i < len - 4 && chars[++i] == ':' && chars[++i] == '/' && chars[++i] == '/')
70                 j = ++i;
71             if (j > 0) {// check to process http:// or https:// or ftp://
72 if (index == 0 || (cur = chars[index - 1]) != '\'' && cur != '"' && cur != '<' && cur != '=') {
73                     cur = chars[j];
74                     while (j < len) {
75                         if (cur == ' ' || cur == '\t' || cur == '\'' ||
76                             cur == '"' || cur == '<' || cur == '[' ||
77                             cur == '\n' ||
78                             cur == '\r' && j < len - 1 && chars[j + 1] == '\n')
79                             break;
80                         if (++j < len)
81                             cur = chars[j];
82                     }
83                     cur = chars[j - 1];
84                     if (cur == '.' || cur == ',' || cur == ')' || cur == ']')
85                         j--;
86                     buf.append(chars, oldend, index - oldend);
87                     buf.append("<a HREF=\"");
88                     String JavaDoc href = input.substring(index, j).trim();
89                     //buf.append(chars, index, j - index);
90 buf.append(encoderService.filterUrl(href));
91                     buf.append('"');
92                     if (OPEN_NEW_WINDOW) {
93                         buf.append(" target=\"_blank\"");
94                     }
95                     if (MVNCoreConfig.getEnableLinkNofollow()) {
96                         buf.append(" rel=\"nofollow\"");
97                     }
98                     buf.append('>');
99                     //buf.append(chars, index, j - index);
100 buf.append(href);// should we filter it ???
101 buf.append("</a>");
102                 } else {
103                     buf.append(chars, oldend, j - oldend);
104                 }
105                 oldend = index = j;
106             } else
107             if (cur == '[' && index < len - 6 && chars[i = index + 1] == 'u' && chars[++i] == 'r' && chars[++i] == 'l' &&
108                 (chars[++i] == '=' || chars[i] == ' ')) {
109                 // process [url]
110 j = ++i;
111                 int u2;
112                 int u1 = u2 = input.indexOf("]", j);
113                 if (u1 > 0) {
114                     u2 = input.indexOf("[/url]", u1 + 1);
115                 }
116                 if (u2 < 0) {
117                     buf.append(chars, oldend, j - oldend);
118                     oldend = j;
119                 } else {
120                     buf.append(chars, oldend, index - oldend);
121                     buf.append("<a HREF=\"");
122                     String JavaDoc href = input.substring(j, u1).trim();
123                     // Add http:// to the front of links if and only if it doesn't have any protocols.
124 // Doing this handles this: "[url=sun.com]SUN[/url]"
125 // Changing it to <a HREF="http://sun.com">SUN</a>
126 // instead of <a HREF="http://localhost:8080/mvnforum/sun.com">SUN</a>
127 if ( (href.indexOf("://") == -1) && (href.startsWith("mailto:") == false) ) {
128                         href = "http://" + href;
129                     }
130                     if (href.indexOf("javascript:") == -1 && href.indexOf("file:") == -1) {
131                         buf.append(encoderService.filterUrl(href));
132                     }
133                     if (OPEN_NEW_WINDOW) {
134                         buf.append("\" target=\"_blank");
135                     }
136                     if (MVNCoreConfig.getEnableLinkNofollow()) {
137                         buf.append(" rel=\"nofollow\"");
138                     }
139                     buf.append("\">");
140                     buf.append(input.substring(u1 + 1, u2).trim());
141                     buf.append("</a>");
142                     oldend = u2 + 6; // 6 == length of [/url]
143 }
144                 index = oldend - 1;// set to the last char of the tag, that is ']'
145 } else
146             if (cur == '[' && index < len - 6 && chars[i = index + 1] == 'i' && chars[++i] == 'm' && chars[++i] == 'g' && chars[++i] == ']' ) {
147                 //process [img]
148 j = ++i;
149                 int u1 = j-1;
150                 int u2 = input.indexOf("[/img]", u1 + 1);
151                 if (u2 < 0) {
152                     buf.append(chars, oldend, j - oldend);
153                     oldend = j;
154                 } else {
155                     buf.append(chars, oldend, index - oldend);
156                     buf.append("<img SRC=\"");
157                     String JavaDoc href = input.substring(u1 + 1, u2).trim();
158                     // Add http:// to the front of links if and only if it doesn't have any protocols.
159 // Doing this handles this: "[url=sun.com]SUN[/url]"
160 // Changing it to <a HREF="http://sun.com">SUN</a>
161 // instead of <a HREF="http://localhost:8080/mvnforum/sun.com">SUN</a>
162 if (href.indexOf("://") == -1) {
163                         href = "http://" + href;
164                     }
165                     if (href.indexOf("javascript:") == -1 && href.indexOf("file:") == -1) {
166                         buf.append(encoderService.filterUrl(href));
167                     }
168                     buf.append("\" border=\"0\">");
169                     oldend = u2 + 6; // 6 == length of [/img]
170 }
171                 index = oldend -1;// set to the last char of the tag, that is ']'
172 }
173         }
174         if (oldend < len)
175             buf.append(chars, oldend, len - oldend);
176         return buf.toString();
177     }
178 /*
179     public static void main(String[] args) {
180         //encodePath("localhost:8080/path/index.jsp");
181         String[] input = {
182             "[url=mailto:test@yahoo.com]Minh[/url][img]http://localhost:8080/mvnforum/mvnplugin/mvnforum/images/logo.gif[/img]",
183             "-dfadg=[img] \" onmousemove=\"alert(1); [/img]",
184             "(= http://a\"onmouseover='alert(1);')",
185             "[url=http://sun.com]SUN[/url] http://sun.com",
186             "[url sun.com]SUN[/url]", //What to do if no http???
187             "[url=javascript:alert(1);]SUN[/url]",
188             "[url=\" onmousemove=\"alert(1);]Hack[/url]",
189             "[url=\" onmousemove='alert(1);']Hack[/url]"//somebody wants to hack us
190         };
191
192         //URLFilter enableMVNCodeFilter = new URLFilter();
193         long start = System.currentTimeMillis();
194
195         for (int i = 0; i < input.length; i++) {
196             System.out.println("input = '" + input[i] + "' length = " + input[i].length());
197
198             String output = null;
199             for (int j = 0; j < 1; j++) {
200                 output = URLFilter.filter(input[i]);
201             }
202
203             System.out.println("output= '" + output + "'");
204         }
205
206         long time = System.currentTimeMillis() - start;
207         System.out.println("total time = " + time);
208     }
209  */
210     /*
211     public static String enableImg(String input) {
212         String output = input;
213         try {
214             RE exp = new RE("(.*)\\[img\\](.*)\\[\\/img\\](.*)");
215             boolean matched = exp.match(input);
216             if (matched) {
217                 String front = new String();
218                 String back = new String();
219                 String matchedPattern = new String();
220
221                 front = exp.getParen(1);
222                 matchedPattern = exp.getParen(2);
223                 matchedPattern = "<img SRC=\"" + matchedPattern + "\" border=0 >";
224                 back = exp.getParen(3);
225
226                 output = front + matchedPattern + back;
227
228                 //log.info("image path is: " + output);
229             }
230         } catch (RESyntaxException e) {
231             //log.info(e.getMessage());
232         }
233         return output;
234     }*/
235
236     /*
237     public static void main1(String[] args) {
238         URLFilter enableMVNCodeFilter = new URLFilter();
239         long start = System.currentTimeMillis();
240
241         String input = "[img]http://loclahost/test[/img] [img]http://[/img]";
242         System.out.println("input = '" + input + "' length = " + input.length());
243
244         String output = null;
245         for (int j = 0; j < 1; j++) {
246             output = enableMVNCodeFilter.enableImg(input);
247         }
248
249         System.out.println("output= '" + output + "'");
250
251         long time = System.currentTimeMillis() - start;
252         System.out.println("total time = " + time);
253     }
254     */
255 }
256
Popular Tags