projects
/
shibboleth
/
cpp-xmltooling.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
a09dd66
)
https://issues.shibboleth.net/jira/browse/SSPCPP-185
author
Scott Cantor
<cantor.2@osu.edu>
Fri, 6 Feb 2009 18:09:47 +0000
(18:09 +0000)
committer
Scott Cantor
<cantor.2@osu.edu>
Fri, 6 Feb 2009 18:09:47 +0000
(18:09 +0000)
xmltooling/util/TemplateEngine.cpp
patch
|
blob
|
history
xmltooling/util/TemplateEngine.h
patch
|
blob
|
history
xmltoolingtest/TemplateEngineTest.h
patch
|
blob
|
history
xmltoolingtest/data/template.in
patch
|
blob
|
history
xmltoolingtest/data/template.out
patch
|
blob
|
history
diff --git
a/xmltooling/util/TemplateEngine.cpp
b/xmltooling/util/TemplateEngine.cpp
index
c9f44b8
..
7d3e7d8
100644
(file)
--- a/
xmltooling/util/TemplateEngine.cpp
+++ b/
xmltooling/util/TemplateEngine.cpp
@@
-1,6
+1,6
@@
/*
/*
- * Copyright 2001-200
7
Internet2
- *
+ * Copyright 2001-200
9
Internet2
+ *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
@@
-16,8
+16,8
@@
/**
* TemplateEngine.cpp
/**
* TemplateEngine.cpp
- *
- * Simple template replacement engine.
+ *
+ * Simple template replacement engine.
*/
#include "internal.h"
*/
#include "internal.h"
@@
-35,6
+35,8
@@
void TemplateEngine::setTagPrefix(const char* tagPrefix)
ifnotendtag = string("</") + tagPrefix + "ifnot>";
}
ifnotendtag = string("</") + tagPrefix + "ifnot>";
}
+string TemplateEngine::unsafe_chars = "#%&():[]\\`{}";
+
void TemplateEngine::html_encode(ostream& os, const char* start) const
{
while (start && *start) {
void TemplateEngine::html_encode(ostream& os, const char* start) const
{
while (start && *start) {
@@
-42,10
+44,18
@@
void TemplateEngine::html_encode(ostream& os, const char* start) const
case '<': os << "<"; break;
case '>': os << ">"; break;
case '"': os << """; break;
case '<': os << "<"; break;
case '>': os << ">"; break;
case '"': os << """; break;
- case '#': os << "#"; break;
- case '%': os << "%"; break;
case '&': os << "&"; break;
case '\'': os << "'"; break;
case '&': os << "&"; break;
case '\'': os << "'"; break;
+
+ default:
+ if (unsafe_chars.find_first_of(*start) != string::npos)
+ os << "&#" << static_cast<short>(*start) << ';';
+ else
+ os << *start;
+
+ /*
+ case '#': os << "#"; break;
+ case '%': os << "%"; break;
case '(': os << "("; break;
case ')': os << ")"; break;
case ':': os << ":"; break;
case '(': os << "("; break;
case ')': os << ")"; break;
case ':': os << ":"; break;
@@
-56,6
+66,7
@@
void TemplateEngine::html_encode(ostream& os, const char* start) const
case '{': os << "{"; break;
case '}': os << "}"; break;
default: os << *start;
case '{': os << "{"; break;
case '}': os << "}"; break;
default: os << *start;
+ */
}
start++;
}
}
start++;
}
@@
-91,7
+102,7
@@
void TemplateEngine::process(
// Output the string up to this token.
if (visible)
os << buf.substr(lastpos-line, thispos-lastpos);
// Output the string up to this token.
if (visible)
os << buf.substr(lastpos-line, thispos-lastpos);
-
+
// Make sure this token matches our tokens.
#ifdef HAVE_STRCASECMP
if (visible && !strncasecmp(thispos, keytag.c_str(), keytag.length()))
// Make sure this token matches our tokens.
#ifdef HAVE_STRCASECMP
if (visible && !strncasecmp(thispos, keytag.c_str(), keytag.length()))
@@
-101,12
+112,12
@@
void TemplateEngine::process(
{
// Save this position off.
lastpos = thispos + keytag.length();
{
// Save this position off.
lastpos = thispos + keytag.length();
-
+
// search for the end-tag
if ((thispos = strstr(lastpos, "/>")) != NULL) {
string key = buf.substr(lastpos-line, thispos-lastpos);
trimspace(key);
// search for the end-tag
if ((thispos = strstr(lastpos, "/>")) != NULL) {
string key = buf.substr(lastpos-line, thispos-lastpos);
trimspace(key);
-
+
const char* p = parameters.getParameter(key.c_str());
if (!p && e)
p = e->getProperty(key.c_str());
const char* p = parameters.getParameter(key.c_str());
if (!p && e)
p = e->getProperty(key.c_str());
@@
-123,7
+134,7
@@
void TemplateEngine::process(
{
// Save this position off.
lastpos = thispos + iftag.length();
{
// Save this position off.
lastpos = thispos + iftag.length();
-
+
// search for the end of this tag
if ((thispos = strchr(lastpos, '>')) != NULL) {
string key = buf.substr(lastpos-line, thispos-lastpos);
// search for the end of this tag
if ((thispos = strchr(lastpos, '>')) != NULL) {
string key = buf.substr(lastpos-line, thispos-lastpos);
@@
-153,7
+164,7
@@
void TemplateEngine::process(
{
// Save this position off.
lastpos = thispos + ifnottag.length();
{
// Save this position off.
lastpos = thispos + ifnottag.length();
-
+
// search for the end of this tag
if ((thispos = strchr(lastpos, '>')) != NULL) {
string key = buf.substr(lastpos-line, thispos-lastpos);
// search for the end of this tag
if ((thispos = strchr(lastpos, '>')) != NULL) {
string key = buf.substr(lastpos-line, thispos-lastpos);
@@
-191,7
+202,7
@@
void TemplateEngine::run(istream& is, ostream& os, const TemplateParameters& par
string buf,line;
while (getline(is, line))
buf += line + '\n';
string buf,line;
while (getline(is, line))
buf += line + '\n';
-
+
const char* pos=buf.c_str();
process(true, buf, pos, os, parameters, e);
}
const char* pos=buf.c_str();
process(true, buf, pos, os, parameters, e);
}
diff --git
a/xmltooling/util/TemplateEngine.h
b/xmltooling/util/TemplateEngine.h
index
bbbcf18
..
08db6e4
100644
(file)
--- a/
xmltooling/util/TemplateEngine.h
+++ b/
xmltooling/util/TemplateEngine.h
@@
-51,7
+51,6
@@
namespace xmltooling {
{
MAKE_NONCOPYABLE(TemplateEngine);
public:
{
MAKE_NONCOPYABLE(TemplateEngine);
public:
-
TemplateEngine() {
setTagPrefix("mlp");
}
TemplateEngine() {
setTagPrefix("mlp");
}
@@
-109,6
+108,12
@@
namespace xmltooling {
const XMLToolingException* e=NULL
) const;
const XMLToolingException* e=NULL
) const;
+ /**
+ * List of non-built-in characters considered "unsafe" and requiring HTML encoding.
+ * The default set is #%&():[]\\`{}
+ */
+ static std::string unsafe_chars;
+
private:
void trimspace(std::string& s) const;
void html_encode(std::ostream& os, const char* start) const;
private:
void trimspace(std::string& s) const;
void html_encode(std::ostream& os, const char* start) const;
diff --git
a/xmltoolingtest/TemplateEngineTest.h
b/xmltoolingtest/TemplateEngineTest.h
index
e11ffba
..
ae7c40c
100644
(file)
--- a/
xmltoolingtest/TemplateEngineTest.h
+++ b/
xmltoolingtest/TemplateEngineTest.h
@@
-34,6
+34,7
@@
public:
TemplateEngine::TemplateParameters p;
p.m_map["foo1"] = "bar1";
p.m_map["foo3"] = "bar3";
TemplateEngine::TemplateParameters p;
p.m_map["foo1"] = "bar1";
p.m_map["foo3"] = "bar3";
+ p.m_map["encoded"] = "http://www.example.org/foo/bar#foobar";
string path = data_path + "template.in";
ifstream in(path.c_str());
string path = data_path + "template.in";
ifstream in(path.c_str());
diff --git
a/xmltoolingtest/data/template.in
b/xmltoolingtest/data/template.in
index
2725527
..
793812e
100644
(file)
--- a/
xmltoolingtest/data/template.in
+++ b/
xmltoolingtest/data/template.in
@@
-11,3
+11,5
@@
This is a template containing tags for substitution by the template engine.
<mlp foo3/>
</mlpifnot>
</mlpif>
<mlp foo3/>
</mlpifnot>
</mlpif>
+
+<mlp encoded/>
diff --git
a/xmltoolingtest/data/template.out
b/xmltoolingtest/data/template.out
index
fc8bf75
..
2eb8e9f
100644
(file)
--- a/
xmltoolingtest/data/template.out
+++ b/
xmltoolingtest/data/template.out
@@
-11,3
+11,5
@@
bar3
bar3
bar3
+
+http://www.example.org/foo/bar#foobar