KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > springframework > web > util > HtmlUtils


1 /*
2  * Copyright 2002-2005 the original author or authors.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */

16
17 package org.springframework.web.util;
18
19 import org.springframework.util.StringUtils;
20
21 /**
22  * Utility class for HTML escaping. Escapes and unescapes
23  * based on the W3C HTML 4.01 recommendation, handling
24  * character entity references.
25  *
26  * <p>Reference:
27  * <a HREF="http://www.w3.org/TR/html4/charset.html">
28  * http://www.w3.org/TR/html4/charset.html
29  * </a>
30  *
31  * <p>For a comprehensive set of String escaping utilities,
32  * consider Jakarta Commons Lang and its StringEscapeUtils class.
33  * We are not using that class here to avoid a runtime dependency
34  * on Commons Lang just for HTML escaping. Furthermore, Spring's
35  * HTML escaping is more flexible and 100% HTML 4.0 compliant.
36  *
37  * @author Juergen Hoeller
38  * @author Martin Kersten
39  * @since 01.03.2003
40  * @see org.apache.commons.lang.StringEscapeUtils
41  */

42 public abstract class HtmlUtils {
43
44     /**
45      * Shared instance of pre-parsed HTML character entity references.
46      */

47     private static final HtmlCharacterEntityReferences characterEntityReferences =
48             new HtmlCharacterEntityReferences();
49     
50     private static final String JavaDoc PARAMETER_DELIMETER = "&";
51
52
53     /**
54      * Turn special characters into HTML character references.
55      * Handles complete character set defined in HTML 4.01 recommendation.
56      * <p>Escapes all special characters to their corresponding
57      * entity reference (e.g. <code>&lt;</code>).
58      * <p>Reference:
59      * <a HREF="http://www.w3.org/TR/html4/sgml/entities.html">
60      * http://www.w3.org/TR/html4/sgml/entities.html
61      * </a>
62      * @param input the (unescaped) input string
63      * @return the escaped string
64      */

65     public static String JavaDoc htmlEscape(String JavaDoc input) {
66         if (input == null) {
67             return null;
68         }
69         StringBuffer JavaDoc escaped = new StringBuffer JavaDoc(input.length() * 2);
70         for (int i = 0; i < input.length(); i++) {
71             char character = input.charAt(i);
72             String JavaDoc reference = characterEntityReferences.convertToReference(character);
73             if (reference != null) {
74                 escaped.append(reference);
75             }
76             else {
77                 escaped.append(character);
78             }
79         }
80         return escaped.toString();
81     }
82
83     /**
84      * Turn special characters into HTML character references.
85      * Handles complete character set defined in HTML 4.01 recommendation.
86      * <p>Escapes all special characters to their corresponding numeric
87      * reference in decimal format (&#<i>Decimal</i>;).
88      * <p>Reference:
89      * <a HREF="http://www.w3.org/TR/html4/sgml/entities.html">
90      * http://www.w3.org/TR/html4/sgml/entities.html
91      * </a>
92      * @param input the (unescaped) input string
93      * @return the escaped string
94      */

95     public static String JavaDoc htmlEscapeDecimal(String JavaDoc input) {
96         if (input == null) {
97             return null;
98         }
99         StringBuffer JavaDoc escaped = new StringBuffer JavaDoc(input.length() * 2);
100         for (int i = 0; i < input.length(); i++) {
101             char character = input.charAt(i);
102             if (characterEntityReferences.isMappedToReference(character)) {
103                 escaped.append(HtmlCharacterEntityReferences.DECIMAL_REFERENCE_START);
104                 escaped.append((int) character);
105                 escaped.append(HtmlCharacterEntityReferences.REFERENCE_END);
106             }
107             else {
108                 escaped.append(character);
109             }
110         }
111         return escaped.toString();
112     }
113
114     /**
115      * HTML escapes <i>just</i> the parameters of the supplied query string.
116      * <p>For example, given the query string
117      * <code>foo=bar&amp;baz=&lt;boz&gt;</code>, the return value will be
118      * <code>foo=bar&amp;baz=&amp;lt;boz&amp;gt;</code> (the &amp; parameter
119      * delimeters are thus preserved).
120      * @param queryString the query string to be so escaped
121      * @return the escaped query string, or the empty string if the supplied query string is <code>null</code> or empty
122      */

123     public static String JavaDoc htmlEscapeQueryStringParameters(String JavaDoc queryString) {
124         if (!StringUtils.hasText(queryString)) {
125             return "";
126         }
127         StringBuffer JavaDoc buffer = new StringBuffer JavaDoc(queryString.length() * 2);
128         String JavaDoc[] parameters = StringUtils.tokenizeToStringArray(queryString, PARAMETER_DELIMETER);
129         if (parameters.length > 0) {
130             for (int i = 0; i < parameters.length; ++i) {
131                 String JavaDoc parameter = parameters[i];
132                 buffer.append(HtmlUtils.htmlEscape(parameter));
133                 if (i < parameters.length - 1) {
134                     buffer.append(PARAMETER_DELIMETER);
135                 }
136             }
137         }
138         return buffer.toString();
139     }
140
141     /**
142      * Turn special characters into HTML character references.
143      * Handles complete character set defined in HTML 4.01 recommendation.
144      * <p>Escapes all special characters to their corresponding numeric
145      * reference in hex format (&#x<i>Hex</i>;).
146      * <p>Reference:
147      * <a HREF="http://www.w3.org/TR/html4/sgml/entities.html">
148      * http://www.w3.org/TR/html4/sgml/entities.html
149      * </a>
150      * @param input the (unescaped) input string
151      * @return the escaped string
152      */

153     public static String JavaDoc htmlEscapeHex(String JavaDoc input) {
154         if (input == null) {
155             return null;
156         }
157         StringBuffer JavaDoc escaped = new StringBuffer JavaDoc(input.length() * 2);
158         for (int i = 0; i < input.length(); i++) {
159             char character = input.charAt(i);
160             if (characterEntityReferences.isMappedToReference(character)) {
161                 escaped.append(HtmlCharacterEntityReferences.HEX_REFERENCE_START);
162                 escaped.append(Integer.toString((int) character, 16));
163                 escaped.append(HtmlCharacterEntityReferences.REFERENCE_END);
164             }
165             else {
166                 escaped.append(character);
167             }
168         }
169         return escaped.toString();
170     }
171
172     /**
173      * Turn HTML character references into their plain text UNICODE equivalent.
174      * <p>Handles complete character set defined in HTML 4.01 recommendation
175      * and all reference types (decimal, hex, and entity).
176      * <p>Correctly converts the following formats:
177      * <blockquote>
178      * &amp;#<i>Entity</i>; - <i>(Example: &amp;amp;) case sensitive</i>
179      * &amp;#<i>Decimal</i>; - <i>(Example: &amp;#68;)</i><br>
180      * &amp;#x<i>Hex</i>; - <i>(Example: &amp;#xE5;) case insensitive</i><br>
181      * </blockquote>
182      * Gracefully handles malformed character references by copying original
183      * characters as is when encountered.<p>
184      * <p>Reference:
185      * <a HREF="http://www.w3.org/TR/html4/sgml/entities.html">
186      * http://www.w3.org/TR/html4/sgml/entities.html
187      * </a>
188      * @param input the (escaped) input string
189      * @return the unescaped string
190      */

191     public static String JavaDoc htmlUnescape(String JavaDoc input) {
192         if (input == null) {
193             return null;
194         }
195         return new HtmlCharacterEntityDecoder(characterEntityReferences, input).decode();
196     }
197
198 }
199
Popular Tags