muadzmi02
/
sipadu_mbip
forked from SwissLink/sipadu_mbip
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Dashboard sipadu mbip
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
199 Commits
1 Branch
Tree: dfd1388783
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'dfd1388783'
${ noResults }
sipadu_mbip/public/pages/ace-editor/build/escape/escape.js

escape.js 2.5KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596 
  1. /*

  2. Copyright (c) 2010, Yahoo! Inc. All rights reserved.

  3. Code licensed under the BSD License:

  4. http://developer.yahoo.com/yui/license.html

  5. version: 3.4.0

  6. build: nightly

  7. */

  8. YUI.add('escape', function(Y) {

  9. 

  10. /**

  11. Provides utility methods for escaping strings.

  12. 

  13. @module escape

  14. @class Escape

  15. @static

  16. @since 3.3.0

  17. **/

  18. 

  19. var HTML_CHARS = {

  20.         '&': '&',

  21.         '<': '&lt;',

  22.         '>': '&gt;',

  23.         '"': '&quot;',

  24.         "'": '&#x27;',

  25.         '/': '&#x2F;',

  26.         '`': '&#x60;'

  27.     },

  28. 

  29. Escape = {

  30.     // -- Public Static Methods ------------------------------------------------

  31. 

  32.     /**

  33.     Returns a copy of the specified string with special HTML characters

  34.     escaped. The following characters will be converted to their

  35.     corresponding character entities:

  36. 

  37.         & < > " ' / `

  38. 

  39.     This implementation is based on the [OWASP HTML escaping

  40.     recommendations][1]. In addition to the characters in the OWASP

  41.     recommendations, we also escape the <code>&#x60;</code> character, since IE

  42.     interprets it as an attribute delimiter.

  43. 

  44.     If _string_ is not already a string, it will be coerced to a string.

  45. 

  46.     [1]: http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet

  47. 

  48.     @method html

  49.     @param {String} string String to escape.

  50.     @return {String} Escaped string.

  51.     @static

  52.     **/

  53.     html: function (string) {

  54.         return (string + '').replace(/[&<>"'\/`]/g, Escape._htmlReplacer);

  55.     },

  56. 

  57.     /**

  58.     Returns a copy of the specified string with special regular expression

  59.     characters escaped, allowing the string to be used safely inside a regex.

  60.     The following characters, and all whitespace characters, are escaped:

  61. 

  62.         - # $ ^ * ( ) + [ ] { } | \ , . ?

  63. 

  64.     If _string_ is not already a string, it will be coerced to a string.

  65. 

  66.     @method regex

  67.     @param {String} string String to escape.

  68.     @return {String} Escaped string.

  69.     @static

  70.     **/

  71.     regex: function (string) {

  72.         return (string + '').replace(/[\-#$\^*()+\[\]{}|\\,.?\s]/g, '\\$&');

  73.     },

  74. 

  75.     // -- Protected Static Methods ---------------------------------------------

  76. 

  77.     /**

  78.      * Regex replacer for HTML escaping.

  79.      *

  80.      * @method _htmlReplacer

  81.      * @param {String} match Matched character (must exist in HTML_CHARS).

  82.      * @returns {String} HTML entity.

  83.      * @static

  84.      * @protected

  85.      */

  86.     _htmlReplacer: function (match) {

  87.         return HTML_CHARS[match];

  88.     }

  89. };

  90. 

  91. Escape.regexp = Escape.regex;

  92. 

  93. Y.Escape = Escape;

  94. 

  95. 

  96. }, '3.4.0' ,{requires:['yui-base']});