List of usage examples for org.apache.commons.text StringEscapeUtils escapeHtml4
public static final String escapeHtml4(final String input)
Escapes the characters in a String using HTML entities.
For example: "bread" & "butter" becomes &quot;bread&quot; &amp; &quot;butter&quot;.
From source file:net.sourceforge.pmd.docs.EscapeUtils.java
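/**
 * Escapes one line of documentation text for the generated page.
 *
 * <p>If the line starts with {@code QUOTE_START}, its first character is copied through
 * unchanged. Every span that begins at {@code URL_START} and ends at the next {@code >} is
 * copied through verbatim. All remaining text goes through {@code escapeBackticks} and is then
 * HTML-escaped with {@code StringEscapeUtils.escapeHtml4}.
 *
 * <p>A {@code URL_START} with no closing {@code >} is treated as ordinary text and escaped.
 * Previously that input made {@code substring} throw, or looped forever when the marker was at
 * the start of the remaining text.
 *
 * <p>Security note: the verbatim spans bypass HTML escaping entirely, so whatever sits between
 * {@code URL_START} and {@code >} reaches the output as-is. The method is therefore only
 * suitable for text from a trusted source.
 * NOTE(review): presumably the input is the project's own rule documentation - confirm.
 *
 * @param line the line to escape; must not be {@code null}
 * @return the escaped line
 */
public static String escapeSingleLine(String line) {
    StringBuilder escaped = new StringBuilder(line.length() + 16);
    String currentLine = line;
    if (currentLine.startsWith(QUOTE_START)) {
        escaped.append(currentLine.substring(0, 1));
        currentLine = currentLine.substring(1);
    }
    int url = currentLine.indexOf(URL_START);
    while (url > -1) {
        int urlEnd = currentLine.indexOf(">", url) + 1;
        if (urlEnd == 0) {
            // No closing '>': stop here so the tail is escaped below like any other text.
            break;
        }
        String before = currentLine.substring(0, url);
        before = escapeBackticks(escaped, before);
        escaped.append(StringEscapeUtils.escapeHtml4(before));
        // add the url unescaped
        escaped.append(currentLine, url, urlEnd);
        currentLine = currentLine.substring(urlEnd);
        url = currentLine.indexOf(URL_START);
    }
    currentLine = escapeBackticks(escaped, currentLine);
    escaped.append(StringEscapeUtils.escapeHtml4(currentLine));
    return escaped.toString();
}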
From source file:net.sourceforge.pmd.docs.EscapeUtils.java
/**
 * Copies {@code linePart} into {@code escaped} up to and including its last backtick.
 *
 * <p>Segments alternate, starting with "outside a backtick pair": outside segments are
 * HTML-escaped before being appended, inside segments are appended untouched. The state
 * starts at "outside" on every call.
 *
 * @param escaped  the buffer that receives the processed text
 * @param linePart the text to scan for backticks
 * @return the text after the last backtick, not yet escaped and not yet appended
 */
private static String escapeBackticks(StringBuilder escaped, String linePart) {
    String remaining = linePart;
    boolean outsideCode = true;
    for (int tick = remaining.indexOf(BACKTICK); tick > -1; tick = remaining.indexOf(BACKTICK)) {
        String segment = remaining.substring(0, tick);
        // Only text outside a backtick pair is HTML-escaped; text inside is kept as written.
        escaped.append(outsideCode ? StringEscapeUtils.escapeHtml4(segment) : segment);
        escaped.append(BACKTICK);
        outsideCode = !outsideCode;
        remaining = remaining.substring(tick + 1);
    }
    return remaining;
}
From source file:net.sourceforge.pmd.docs.RuleDocGenerator.java
/**
 * Produces a short, single-line version of a rule's description for use in markdown.
 *
 * <p>Line breaks and asterisks are removed, pipes are backslash-escaped and backticks are
 * turned into apostrophes. The result is trimmed, abbreviated to at most 100 characters and
 * only then HTML-escaped, so the cut cannot fall inside an HTML entity.
 *
 * @param rule the rule whose description is shortened
 * @return the shortened, HTML-escaped description
 */
private static String getShortRuleDescription(Rule rule) {
    String flattened = rule.getDescription().replaceAll("\n|\r", "");
    String markdownSafe = flattened.replaceAll("\\|", "\\\\|").replaceAll("`", "'").replaceAll("\\*", "");
    String shortened = StringUtils.abbreviate(StringUtils.stripToEmpty(markdownSafe), 100);
    // Escape last: abbreviating escaped text could leave an unfinished entity behind.
    return StringEscapeUtils.escapeHtml4(shortened);
}
From source file:net.sourceforge.pmd.docs.RuleDocGenerator.java
/**
 * Returns the ruleset description as a single HTML-escaped line.
 *
 * <p>The description is HTML-escaped first, then every line break is replaced by a space and
 * surrounding whitespace is stripped.
 *
 * @param ruleset the ruleset whose description is used
 * @return the escaped, single-line description
 */
private static String getRuleSetDescriptionSingleLine(RuleSet ruleset) {
    String escaped = StringEscapeUtils.escapeHtml4(ruleset.getDescription());
    return StringUtils.stripToEmpty(escaped.replaceAll("\\n|\\r", " "));
}
From source file:net.sourceforge.pmd.docs.RuleDocGenerator.java
/**
 * Generates one page per ruleset. The page contains the details for each rule: deprecation
 * and rename notices, since/priority/minimum language version, the description, the defining
 * XPath expression or Java class, examples, the property table and usage snippets.
 *
 * <p>Escaping differs by section: the front-matter summary and the property table cells are
 * HTML-escaped, the description goes through {@code EscapeUtils.escapeLines}, while names,
 * XPath expressions, examples and the XML usage snippets are written verbatim.
 *
 * @param rulesets all rulesets, grouped by language
 * @throws IOException if an I/O error occurs while producing a page
 */
private void generateRuleSetIndex(Map<Language, List<RuleSet>> rulesets) throws IOException {
    for (Map.Entry<Language, List<RuleSet>> entry : rulesets.entrySet()) {
        Language language = entry.getKey();
        String languageTersename = language.getTerseName();
        String languageName = language.getName();
        for (RuleSet ruleset : entry.getValue()) {
            String rulesetFilename = RuleSetUtils.getRuleSetFilename(ruleset);
            // Output file name and permalink are both derived from the language terse name
            // and the ruleset file name by placeholder substitution.
            String filename = RULESET_INDEX_FILENAME_PATTERN.replace("${language.tersename}", languageTersename)
                    .replace("${ruleset.name}", rulesetFilename);
            Path path = getAbsoluteOutputPath(filename);
            String permalink = RULESET_INDEX_PERMALINK_PATTERN
                    .replace("${language.tersename}", languageTersename)
                    .replace("${ruleset.name}", rulesetFilename);
            String ruleSetSourceFilepath = "../" + getRuleSetSourceFilepath(ruleset);

            // Front matter, delimited by "---" lines.
            // NOTE(review): apart from the summary, the values are concatenated without any
            // quoting; a ':' or '#' or line break in a ruleset name or keyword would change
            // how the front matter parses - confirm the inputs cannot contain them.
            List<String> lines = new LinkedList<>();
            lines.add("---");
            lines.add("title: " + ruleset.getName());
            lines.add("summary: " + getRuleSetDescriptionSingleLine(ruleset));
            lines.add("permalink: " + permalink);
            lines.add("folder: pmd/rules/" + languageTersename);
            lines.add("sidebaractiveurl: /" + LANGUAGE_INDEX_PERMALINK_PATTERN.replace("${language.tersename}", languageTersename));
            lines.add("editmepath: " + ruleSetSourceFilepath);
            lines.add("keywords: " + getRuleSetKeywords(ruleset));
            lines.add("language: " + languageName);
            lines.add("---");
            lines.add(GENERATED_WARNING.replace("${source}", ruleSetSourceFilepath));

            for (Rule rule : getSortedRules(ruleset)) {
                // The rule name is used verbatim as the section heading.
                lines.add("## " + rule.getName());
                lines.add("");

                if (rule instanceof RuleReference) {
                    RuleReference ref = (RuleReference) rule;
                    if (ruleset.getFileName().equals(ref.getRuleSetReference().getRuleSetFileName())) {
                        // rule renamed within same ruleset
                        lines.add(DEPRECATION_LABEL);
                        lines.add("");
                        // The link target is the lower-cased rule name used as an in-page anchor.
                        lines.add("This rule has been renamed. Use instead: [" + ref.getRule().getName() + "](" + "#"
                                + ref.getRule().getName().toLowerCase(Locale.ROOT) + ")");
                        lines.add("");
                    } else {
                        // rule moved to another ruleset
                        String otherLink = RULESET_INDEX_PERMALINK_PATTERN
                                .replace("${language.tersename}", languageTersename)
                                .replace("${ruleset.name}", RuleSetUtils
                                        .getRuleSetFilename(ref.getRuleSetReference().getRuleSetFileName()));
                        lines.add(DEPRECATION_LABEL);
                        lines.add("");
                        lines.add("The rule has been moved to another ruleset. Use instead: ["
                                + ref.getRule().getName() + "](" + otherLink + "#"
                                + ref.getRule().getName().toLowerCase(Locale.ROOT) + ")");
                        lines.add("");
                    }
                }

                if (rule.isDeprecated()) {
                    lines.add(DEPRECATION_LABEL);
                    lines.add("");
                }
                if (rule.getSince() != null) {
                    lines.add("**Since:** PMD " + rule.getSince());
                    lines.add("");
                }
                lines.add(
                        "**Priority:** " + rule.getPriority() + " (" + rule.getPriority().getPriority() + ")");
                lines.add("");

                if (rule.getMinimumLanguageVersion() != null) {
                    lines.add("**Minimum Language Version:** " + rule.getLanguage().getName() + " "
                            + rule.getMinimumLanguageVersion().getVersion());
                    lines.add("");
                }

                // The description is the only free-text section that goes through
                // EscapeUtils.escapeLines before being written.
                lines.addAll(EscapeUtils.escapeLines(toLines(stripIndentation(rule.getDescription()))));
                lines.add("");

                if (rule instanceof XPathRule || rule instanceof RuleReference
                        && ((RuleReference) rule).getRule() instanceof XPathRule) {
                    lines.add("**This rule is defined by the following XPath expression:**");
                    // Written verbatim inside a fenced block.
                    // NOTE(review): a line consisting of a code fence inside the expression
                    // would end the block early - confirm this cannot occur.
                    lines.add("``` xpath");
                    lines.addAll(
                            toLines(StringUtils.stripToEmpty(rule.getProperty(XPathRule.XPATH_DESCRIPTOR))));
                    lines.add("```");
                } else {
                    lines.add("**This rule is defined by the following Java class:** " + "[" + rule.getRuleClass()
                            + "](" + GITHUB_SOURCE_LINK + getRuleClassSourceFilepath(rule.getRuleClass()) + ")");
                }
                lines.add("");

                if (!rule.getExamples().isEmpty()) {
                    lines.add("**Example(s):**");
                    lines.add("");
                    for (String example : rule.getExamples()) {
                        // Examples are also written verbatim inside a fenced block.
                        lines.add("``` " + mapLanguageForHighlighting(languageTersename));
                        lines.addAll(toLines(StringUtils.stripToEmpty(example)));
                        lines.add("```");
                        lines.add("");
                    }
                }

                List<PropertyDescriptor<?>> properties = new ArrayList<>(rule.getPropertyDescriptors());
                // filter out standard properties
                properties.remove(Rule.VIOLATION_SUPPRESS_REGEX_DESCRIPTOR);
                properties.remove(Rule.VIOLATION_SUPPRESS_XPATH_DESCRIPTOR);
                properties.remove(XPathRule.XPATH_DESCRIPTOR);
                properties.remove(XPathRule.VERSION_DESCRIPTOR);

                if (!properties.isEmpty()) {
                    lines.add("**This rule has the following properties:**");
                    lines.add("");
                    lines.add("|Name|Default Value|Description|Multivalued|");
                    lines.add("|----|-------------|-----------|-----------|");
                    for (PropertyDescriptor<?> propertyDescriptor : properties) {
                        String description = propertyDescriptor.description();
                        final boolean isDeprecated = isDeprecated(propertyDescriptor);
                        if (isDeprecated) {
                            // Drop the leading marker; the deprecation label is added to the cell below.
                            description = description.substring(DEPRECATED_RULE_PROPERTY_MARKER.length());
                        }

                        String defaultValue = determineDefaultValueAsString(propertyDescriptor, rule, true);

                        String multiValued = "no";
                        if (propertyDescriptor.isMultiValue()) {
                            MultiValuePropertyDescriptor<?> multiValuePropertyDescriptor =
                                    (MultiValuePropertyDescriptor<?>) propertyDescriptor;
                            multiValued = "yes. Delimiter is '"
                                    + multiValuePropertyDescriptor.multiValueDelimiter() + "'.";
                        }

                        // Each cell is HTML-escaped first and markdown-escaped second.
                        // DEPRECATION_LABEL_SMALL is prepended after HTML escaping, so it is
                        // not HTML-escaped itself (presumably it is markup - confirm).
                        lines.add("|"
                                + EscapeUtils.escapeMarkdown(
                                        StringEscapeUtils.escapeHtml4(propertyDescriptor.name()))
                                + "|" + EscapeUtils.escapeMarkdown(StringEscapeUtils.escapeHtml4(defaultValue))
                                + "|"
                                + EscapeUtils.escapeMarkdown((isDeprecated ? DEPRECATION_LABEL_SMALL : "")
                                        + StringEscapeUtils.escapeHtml4(description))
                                + "|" + EscapeUtils.escapeMarkdown(StringEscapeUtils.escapeHtml4(multiValued))
                                + "|");
                    }
                    lines.add("");
                }

                if (properties.isEmpty()) {
                    lines.add("**Use this rule by referencing it:**");
                } else {
                    lines.add("**Use this rule with the default properties by just referencing it:**");
                }
                lines.add("``` xml");
                lines.add("<rule ref=\"category/" + languageTersename + "/" + rulesetFilename + ".xml/"
                        + rule.getName() + "\" />");
                lines.add("```");
                lines.add("");

                // The customisation snippet is emitted only when at least one property is not deprecated.
                if (properties.stream().anyMatch(it -> !isDeprecated(it))) {
                    lines.add("**Use this rule and customize it:**");
                    lines.add("``` xml");
                    lines.add("<rule ref=\"category/" + languageTersename + "/" + rulesetFilename + ".xml/"
                            + rule.getName() + "\">");
                    lines.add(" <properties>");
                    for (PropertyDescriptor<?> propertyDescriptor : properties) {
                        if (!isDeprecated(propertyDescriptor)) {
                            String defaultValue = determineDefaultValueAsString(propertyDescriptor, rule, false);
                            // NOTE(review): name and default value are placed into XML attributes
                            // without XML escaping; a default containing '"', '<' or '&' would make
                            // the sample ill-formed for readers who copy it.
                            lines.add(" <property name=\"" + propertyDescriptor.name() + "\" value=\""
                                    + defaultValue + "\" />");
                        }
                    }
                    lines.add(" </properties>");
                    lines.add("</rule>");
                    lines.add("```");
                    lines.add("");
                }
            }

            writer.write(path, lines);
            System.out.println("Generated " + path);
        }
    }
}
From source file:org.codelibs.fess.app.web.base.FessSearchAction.java
/**
 * Publishes the given initial parameters as two request attributes: a URL query fragment
 * under {@code queryKey} and a run of hidden {@code <input>} elements under {@code formKey}.
 * Nothing is set when the map is empty.
 *
 * <p>Each entry's <em>value</em> is written as the parameter name and its <em>key</em> as the
 * parameter value. NOTE(review): presumably the map is keyed by parameter value so that one
 * name can carry several values - confirm against the code that fills it.
 *
 * <p>The query fragment is URL-encoded. The form fragment is HTML-escaped with
 * {@code escapeHtml4}, which encodes the double quote, so a value cannot close the
 * double-quoted attribute it is placed in. The attributes must stay double-quoted because
 * {@code escapeHtml4} leaves the apostrophe alone.
 *
 * @param paramMap the parameters to publish
 * @param queryKey request attribute name for the query fragment
 * @param formKey  request attribute name for the hidden-input fragment
 */
protected void buildInitParamMap(final Map<String, String> paramMap, final String queryKey, final String formKey) {
    if (paramMap.isEmpty()) {
        return;
    }
    final StringBuilder query = new StringBuilder(100);
    final StringBuilder hiddenInputs = new StringBuilder(100);
    for (final Map.Entry<String, String> param : paramMap.entrySet()) {
        query.append('&')
                .append(URLUtil.encode(param.getValue(), Constants.UTF_8))
                .append('=')
                .append(URLUtil.encode(param.getKey(), Constants.UTF_8));
        hiddenInputs.append("<input type=\"hidden\" name=\"")
                .append(StringEscapeUtils.escapeHtml4(param.getValue()))
                .append("\" value=\"")
                .append(StringEscapeUtils.escapeHtml4(param.getKey()))
                .append("\"/>");
    }
    request.setAttribute(queryKey, query.toString());
    request.setAttribute(formKey, hiddenInputs.toString());
}
From source file:org.codelibs.fess.helper.ViewHelper.java
/**
 * Renders the cached copy of a document through the cache Handlebars template.
 *
 * <p>The method adds the URL link, a cache message (URL and creation date), the queries and
 * the cache body under {@code HL_CACHE} to {@code doc}, then applies the template to it.
 * The cache body is HTML-escaped unless the document's mimetype counts as HTML for the cache;
 * URLs in it are rewritten by the path mapping helper and, when queries are given, the query
 * terms are highlighted.
 *
 * <p>NOTE(review): for HTML mimetypes the stored body reaches the template unescaped. Stored
 * content normally comes from crawled documents, so whether this is safe depends on how the
 * template emits {@code HL_CACHE} and on any sanitising or sandboxing done elsewhere - not
 * visible here, confirm.
 *
 * @param doc     the document fields; modified in place
 * @param queries the query terms to highlight, may be {@code null} or empty
 * @return the rendered page, or {@code null} if compiling or applying the template fails
 */
public String createCacheContent(final Map<String, Object> doc, final String[] queries) {
    final FessConfig fessConfig = ComponentUtil.getFessConfig();
    final FileTemplateLoader loader = new FileTemplateLoader(ResourceUtil.getViewTemplatePath().toFile());
    final Handlebars handlebars = new Handlebars(loader);

    final Locale userLocale = ComponentUtil.getRequestManager().getUserLocale();
    final Locale locale = userLocale != null ? userLocale : Locale.ENGLISH;

    final String indexedUrl = DocumentUtil.getValue(doc, fessConfig.getIndexFieldUrl(), String.class);
    final String url = indexedUrl != null ? indexedUrl
            : ComponentUtil.getMessageManager().getMessage(locale, "labels.search_unknown");
    doc.put(fessConfig.getResponseFieldUrlLink(), getUrlLink(doc));

    final Date created = DocumentUtil.getValue(doc, fessConfig.getIndexFieldCreated(), Date.class);
    final String createdStr = created != null
            ? new SimpleDateFormat(CoreLibConstants.DATE_FORMAT_ISO_8601_EXTEND).format(created)
            : ComponentUtil.getMessageManager().getMessage(locale, "labels.search_unknown");
    doc.put(CACHE_MSG, ComponentUtil.getMessageManager().getMessage(locale, "labels.search_cache_msg",
            new Object[] { url, createdStr }));

    doc.put(QUERIES, queries);

    final String stored = DocumentUtil.getValue(doc, fessConfig.getIndexFieldCache(), String.class);
    if (stored == null) {
        doc.put(fessConfig.getIndexFieldCache(), StringUtil.EMPTY);
        doc.put(HL_CACHE, StringUtil.EMPTY);
    } else {
        final String mimetype = DocumentUtil.getValue(doc, fessConfig.getIndexFieldMimetype(), String.class);
        // Non-HTML content is escaped so it displays as text; HTML content is passed on as stored.
        final boolean storedAsHtml = ComponentUtil.getFessConfig().isHtmlMimetypeForCache(mimetype);
        final String markup = storedAsHtml ? stored : StringEscapeUtils.escapeHtml4(stored);
        final String rewritten = ComponentUtil.getPathMappingHelper().replaceUrls(markup);
        if (queries == null || queries.length == 0) {
            doc.put(HL_CACHE, rewritten);
        } else {
            doc.put(HL_CACHE, replaceHighlightQueries(rewritten, queries));
        }
    }

    try {
        final Template template = handlebars.compile(cacheTemplateName);
        return template.apply(Context.newContext(doc));
    } catch (final Exception e) {
        logger.warn("Failed to create a cache response.", e);
        return null;
    }
}
From source file:org.codelibs.fess.taglib.FessFunctions.java
/**
 * Returns hidden {@code <input>} elements that repeat the current request's parameters whose
 * name starts with {@code prefix}.
 *
 * <p>If the request already carries a value under attribute {@code key}, that value is
 * returned as-is. Otherwise the markup is built, stored under {@code key} and returned.
 *
 * <p>Parameter names and values come straight from the request. Both are HTML-escaped with
 * {@code escapeHtml4}, which encodes the double quote, so neither can close the double-quoted
 * attribute it is written into. The attributes must stay double-quoted because
 * {@code escapeHtml4} leaves the apostrophe alone.
 *
 * @param key    request attribute name used to cache the generated markup
 * @param prefix only parameters whose name starts with this prefix are included
 * @return the hidden-input markup, possibly empty
 */
private static String createForm(final String key, final String prefix) {
    final HttpServletRequest request = LaRequestUtil.getRequest();
    final String cached = (String) request.getAttribute(key);
    if (cached != null) {
        return cached;
    }

    final StringBuilder html = new StringBuilder(100);
    for (final Enumeration<String> names = request.getParameterNames(); names.hasMoreElements();) {
        final String name = names.nextElement();
        if (!name.startsWith(prefix)) {
            continue;
        }
        final String[] values = request.getParameterValues(name);
        if (values == null) {
            continue;
        }
        for (final String value : values) {
            html.append("<input type=\"hidden\" name=\"")
                    .append(StringEscapeUtils.escapeHtml4(name))
                    .append("\" value=\"")
                    .append(StringEscapeUtils.escapeHtml4(value))
                    .append("\"/>");
        }
    }

    final String form = html.toString();
    request.setAttribute(key, form);
    return form;
}
From source file:org.codice.ddf.transformer.preview.PreviewMetacardTransformer.java
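/**
 * Renders a metacard's extracted text as a small HTML preview.
 *
 * <p>The extracted text is HTML-escaped first and only then are line breaks turned into
 * {@code <br>}, so the inserted tags are the only markup in the result. When the metacard has
 * no extracted text, a fixed plain-text message is returned instead.
 *
 * <p>Two defects are fixed here. The line-break pattern used to be the character class
 * {@code [\n|\r]}, which also matches a literal {@code |} and so replaced pipes in the text
 * with {@code <br>}. The bytes were produced with the platform default charset although the
 * markup declares UTF-8; they are now always UTF-8.
 *
 * <p>NOTE(review): the text is placed inside {@code <head>} rather than a body element. This
 * is left unchanged because consumers may depend on the exact markup.
 *
 * @param metacard  the metacard to render; must not be {@code null}
 * @param arguments not read by this method
 * @return the preview as binary content
 * @throws CatalogTransformerException if {@code metacard} is {@code null}
 */
@Override
public BinaryContent transform(Metacard metacard, Map<String, Serializable> arguments)
        throws CatalogTransformerException {
    if (metacard == null) {
        throw new CatalogTransformerException("Cannot transform null metacard.");
    }

    String preview = "No preview text available.";
    if (metacard.getAttribute(Extracted.EXTRACTED_TEXT) != null
            && metacard.getAttribute(Extracted.EXTRACTED_TEXT).getValue() != null) {
        // Escape before inserting <br>; the other order would escape the inserted tags too.
        preview = StringEscapeUtils
                .escapeHtml4(metacard.getAttribute(Extracted.EXTRACTED_TEXT).getValue().toString())
                .replaceAll("[\n\r]", "<br>");
        preview = String.format("<head><meta charset=\"utf-8\"/>%s</head>", preview);
    }

    // Encode explicitly so the bytes match the charset declared in the markup.
    return new BinaryContentImpl(
            IOUtils.toInputStream(preview, java.nio.charset.StandardCharsets.UTF_8));
}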
From source file:org.kuali.kfs.kns.util.WebUtils.java
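/**
 * Escapes HTML in the input to prevent XSS, then converts a limited bracket markup into HTML
 * tags.
 *
 * <ul>
 * <li>{@code [X]} and {@code [/X]}, where X is any one- or two-letter string, become
 * {@code <X>} and {@code </X>}.</li>
 * <li>{@code [a TARGET]} becomes {@code <a href="TARGET">} when TARGET is an {@code http},
 * {@code https} or {@code mailto} URL, or a reference without a scheme (relative path, query
 * or fragment). Any other {@code [a ...]} tag is removed. {@code [/a]} becomes
 * {@code </a>}.</li>
 * <li>{@code [font COLOR]}, where COLOR is a color name or a hex code preceded by {@code #},
 * becomes {@code <font color="COLOR">}; {@code [/font]} becomes {@code </font>}.</li>
 * <li>{@code [table]} and {@code [table CLASS]} become {@code <table>} and
 * {@code <table class="CLASS">}; {@code [/table]} becomes {@code </table>}.</li>
 * <li>{@code [td CLASS]} becomes {@code <td class="CLASS">}.</li>
 * </ul>
 *
 * <p>Link targets are checked against an allowlist. The earlier check removed only links that
 * began with one of three spellings of {@code javascript}, which left other spellings and
 * other script-capable schemes through. The target is also bounded to a single bracket pair
 * and may not contain whitespace, so one tag can no longer swallow the markup that follows
 * it on the same line.
 *
 * @param inputString the untrusted text; may be {@code null}
 * @return the escaped text with the supported markup converted, or {@code null} for
 *         {@code null} input
 */
public static String filterHtmlAndReplaceRiceMarkup(String inputString) {
    String outputString = StringEscapeUtils.escapeHtml4(inputString);
    if (outputString == null) {
        // escapeHtml4 returns null for null input; there is nothing to convert.
        return null;
    }
    // string has been escaped of all <, >, and & (and other characters), so every tag in the
    // result below is one this method writes itself

    // Insertion order is the order in which the rules are applied.
    Map<String, String> findAndReplacePatterns = new LinkedHashMap<String, String>();

    // now replace our rice custom markup into html

    // DON'T ALLOW THE SCRIPT TAG OR ARBITRARY IMAGES/URLS/ETC. THROUGH

    // links with an explicitly allowed scheme
    findAndReplacePatterns.put("\\[a ((?i:https?|mailto):[^\\]\\s]+)\\]", "<a href=\"$1\">");
    // links without a scheme: no ':' may appear before the first '/', '?' or '#'
    findAndReplacePatterns.put("\\[a ((?=[^\\]\\s])[^:/?#\\]\\s]*(?:[/?#][^\\]\\s]*)?)\\]",
            "<a href=\"$1\">");
    // every other link tag is dropped instead of being turned into an href
    findAndReplacePatterns.put("\\[a [^\\]]*\\]", "");
    findAndReplacePatterns.put("\\[/a\\]", "</a>");

    // filter any one character tags
    findAndReplacePatterns.put("\\[([A-Za-z])\\]", "<$1>");
    findAndReplacePatterns.put("\\[/([A-Za-z])\\]", "</$1>");
    // filter any two character tags
    findAndReplacePatterns.put("\\[([A-Za-z]{2})\\]", "<$1>");
    findAndReplacePatterns.put("\\[/([A-Za-z]{2})\\]", "</$1>");
    // filter the font tag
    findAndReplacePatterns.put("\\[font (#[0-9A-Fa-f]{1,6}|[A-Za-z]+)\\]", "<font color=\"$1\">");
    findAndReplacePatterns.put("\\[/font\\]", "</font>");
    // filter the table tag
    findAndReplacePatterns.put("\\[table\\]", "<table>");
    findAndReplacePatterns.put("\\[table ([A-Za-z]+)\\]", "<table class=\"$1\">");
    findAndReplacePatterns.put("\\[/table\\]", "</table>");
    // filter td with class
    findAndReplacePatterns.put("\\[td ([A-Za-z]+)\\]", "<td class=\"$1\">");

    for (Map.Entry<String, String> rule : findAndReplacePatterns.entrySet()) {
        outputString = Pattern.compile(rule.getKey()).matcher(outputString).replaceAll(rule.getValue());
    }
    return outputString;
}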