public class HTMLs
extends java.lang.Object
Constructor and Description |
---|
HTMLs() |
Modifier and Type | Method and Description |
---|---|
static void | appendAttribute(java.lang.StringBuffer sb, java.lang.String name, boolean val) Appends an attribute to the string buffer for HTML/XML (name="val"). |
static void | appendAttribute(java.lang.StringBuffer sb, java.lang.String name, double val) Appends an attribute with a double value to the string buffer for HTML/XML (name="val"). |
static void | appendAttribute(java.lang.StringBuffer sb, java.lang.String name, int val) Appends an attribute with an int value to the string buffer for HTML/XML (name="val"). |
static void | appendAttribute(java.lang.StringBuffer sb, java.lang.String name, long val) Appends an attribute with a long value to the string buffer for HTML/XML (name="val"). |
static void | appendAttribute(java.lang.StringBuffer sb, java.lang.String name, short val) Appends an attribute with a short value to the string buffer for HTML/XML (name="val"). |
static void | appendAttribute(java.lang.StringBuffer sb, java.lang.String name, java.lang.String val) Appends an attribute to the string buffer for HTML/XML (name="val"). |
static void | appendAttribute(java.lang.StringBuffer sb, java.lang.String name, java.lang.String val, boolean emptyIgnored) Appends an attribute to the string buffer for HTML/XML (name="val"). |
static void | appendStyle(java.lang.StringBuffer sb, java.lang.String name, java.lang.String val) Appends a style value to the string buffer for HTML/XML (name:"val";). |
static java.lang.String | encodeCharacter(char[] immune, java.lang.Character c) Encodes the JavaScript content to guard against XSS vulnerabilities; the implementation is based on owasp-esapi-java. Returns backslash-encoded numeric format. |
static java.lang.String | encodeJavaScript(java.lang.String input) Encodes the JavaScript content to guard against XSS vulnerabilities; the implementation is based on owasp-esapi-java. Returns backslash-encoded numeric format. |
static int | getSubstyleIndex(java.lang.String style, java.lang.String substyle) Returns the position of the specified substyle, or -1 if not found. |
static java.lang.String | getSubstyleValue(java.lang.String style, int j) Returns the value starting at the specified index (never null). |
static java.lang.String | getTextRelevantStyle(java.lang.String style) Retrieves text relevant CSS styles. |
static boolean | isOrphanTag(java.lang.String tagname) Returns whether the specified tag is an 'orphan' tag. |
public static final void appendAttribute(java.lang.StringBuffer sb, java.lang.String name, java.lang.String val)
Note: XMLs.encodeAttribute(java.lang.String) is called automatically to encode val.

public static final void appendAttribute(java.lang.StringBuffer sb, java.lang.String name, java.lang.String val, boolean emptyIgnored)
Note: XMLs.encodeAttribute(java.lang.String) is called automatically to encode val.
Parameters:
emptyIgnored - whether to ignore a null or empty string. If false, it is always generated (null is generated as "null").

public static final void appendAttribute(java.lang.StringBuffer sb, java.lang.String name, int val)

public static final void appendAttribute(java.lang.StringBuffer sb, java.lang.String name, long val)

public static final void appendAttribute(java.lang.StringBuffer sb, java.lang.String name, double val)

public static final void appendAttribute(java.lang.StringBuffer sb, java.lang.String name, short val)

public static final void appendAttribute(java.lang.StringBuffer sb, java.lang.String name, boolean val)

public static final void appendStyle(java.lang.StringBuffer sb, java.lang.String name, java.lang.String val)

public static final int getSubstyleIndex(java.lang.String style, java.lang.String substyle)
Parameters:
style - the style
substyle - the sub-style, e.g., display.
Throws:
java.lang.IllegalArgumentException - if style is null, or substyle is null or empty.

public static final java.lang.String getSubstyleValue(java.lang.String style, int j)
Note: the index is usually the returned value of getSubstyleIndex(java.lang.String, java.lang.String).
Parameters:
style - the style
j - the index that the substyle starts at (including the style's name)

public static final java.lang.String getTextRelevantStyle(java.lang.String style)
For example, if style is "border: 1px solid blue; font-size: 10px; padding: 3px; color: black;", then "font-size: 10px;color: black;" is returned.

public static final boolean isOrphanTag(java.lang.String tagname)
For example, br and img are orphan tags.
Parameters:
tagname - the tag name, e.g., br and tr.

public static java.lang.String encodeJavaScript(java.lang.String input)
Returns backslash-encoded numeric format. Does not use backslash character escapes such as \" or \' because these may cause parsing problems. For example, if a JavaScript attribute such as onmouseover contains a \", that will close the entire attribute and allow an attacker to inject another script attribute.

public static java.lang.String encodeCharacter(char[] immune, java.lang.Character c)
Returns backslash-encoded numeric format. Does not use backslash character escapes such as \" or \' because these may cause parsing problems. For example, if a JavaScript attribute such as onmouseover contains a \", that will close the entire attribute and allow an attacker to inject another script attribute.
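
The reason for numeric escapes, as an added example (not code from ZK or owasp-esapi-java): a stand-alone sketch of the backslash numeric scheme described above, compared with backslash character escapes inside an onmouseover attribute. The immune set, the naiveEscape and attributeValueSeenByHtmlParser helpers, and the sample name are assumptions made for the illustration.

```java
// Added illustration; not the ZK or OWASP ESAPI source code.
public class JsNumericEscapeDemo {
    // Assumed immune set for this demo; the page does not state the set ZK uses.
    private static final char[] IMMUNE = { ',', '.', '_' };

    // Immune and alphanumeric characters pass through; everything else becomes
    // a numeric escape: backslash-x plus two hex digits below 256, otherwise
    // backslash-u plus four hex digits.
    static String encodeCharacter(char[] immune, char c) {
        for (char i : immune) {
            if (i == c) return String.valueOf(c);
        }
        if ((c >= '0' && c <= '9') || (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')) {
            return String.valueOf(c);
        }
        return c < 256 ? String.format("\\x%02X", (int) c)
                       : String.format("\\u%04X", (int) c);
    }

    static String encodeJavaScript(String input) {
        StringBuilder sb = new StringBuilder();
        for (char c : input.toCharArray()) sb.append(encodeCharacter(IMMUNE, c));
        return sb.toString();
    }

    // Backslash character escapes, the style the Javadoc warns against.
    static String naiveEscape(String input) {
        return input.replace("\\", "\\\\").replace("\"", "\\\"").replace("'", "\\'");
    }

    // The HTML parser ends a double-quoted attribute at the first raw double
    // quote, before the JavaScript engine ever interprets a backslash.
    static String attributeValueSeenByHtmlParser(String markup, String attr) {
        int start = markup.indexOf(attr + "=\"") + attr.length() + 2;
        return markup.substring(start, markup.indexOf('"', start));
    }

    public static void main(String[] args) {
        String name = "Ann \"AJ\" O'Hara"; // constructed sample input
        String naive = "<a onmouseover=\"show('" + naiveEscape(name) + "')\">x</a>";
        String safe = "<a onmouseover=\"show('" + encodeJavaScript(name) + "')\">x</a>";
        // Naive form: the handler is cut off at the escaped quote.
        System.out.println(attributeValueSeenByHtmlParser(naive, "onmouseover"));
        // Numeric form: the whole handler stays inside the attribute.
        System.out.println(attributeValueSeenByHtmlParser(safe, "onmouseover"));
    }
}
```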
Copyright © 2005-2018 Potix Corporation. All Rights Reserved.