git-svn-id: https://svn.middleware.georgetown.edu/cpp-xmltooling/branches/REL_1@562
de75baf8-a10c-0410-a50a-
987c0e22f00f
- * Copyright 2001-2007 Internet2
- *
+ * Copyright 2001-2009 Internet2
+ *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
- * Simple template replacement engine.
+ *
+ * Simple template replacement engine.
ifnotendtag = string("</") + tagPrefix + "ifnot>";
}
ifnotendtag = string("</") + tagPrefix + "ifnot>";
}
+string TemplateEngine::unsafe_chars = "#%&():[]\\`{}";
+
void TemplateEngine::html_encode(ostream& os, const char* start) const
{
while (start && *start) {
void TemplateEngine::html_encode(ostream& os, const char* start) const
{
while (start && *start) {
case '<': os << "<"; break;
case '>': os << ">"; break;
case '"': os << """; break;
case '<': os << "<"; break;
case '>': os << ">"; break;
case '"': os << """; break;
- case '#': os << "#"; break;
- case '%': os << "%"; break;
case '&': os << "&"; break;
case '\'': os << "'"; break;
case '&': os << "&"; break;
case '\'': os << "'"; break;
+
+ default:
+ if (unsafe_chars.find_first_of(*start) != string::npos)
+ os << "&#" << static_cast<short>(*start) << ';';
+ else
+ os << *start;
+
+ /*
+ case '#': os << "#"; break;
+ case '%': os << "%"; break;
case '(': os << "("; break;
case ')': os << ")"; break;
case ':': os << ":"; break;
case '(': os << "("; break;
case ')': os << ")"; break;
case ':': os << ":"; break;
case '{': os << "{"; break;
case '}': os << "}"; break;
default: os << *start;
case '{': os << "{"; break;
case '}': os << "}"; break;
default: os << *start;
// Output the string up to this token.
if (visible)
os << buf.substr(lastpos-line, thispos-lastpos);
// Output the string up to this token.
if (visible)
os << buf.substr(lastpos-line, thispos-lastpos);
// Make sure this token matches our tokens.
#ifdef HAVE_STRCASECMP
if (visible && !strncasecmp(thispos, keytag.c_str(), keytag.length()))
// Make sure this token matches our tokens.
#ifdef HAVE_STRCASECMP
if (visible && !strncasecmp(thispos, keytag.c_str(), keytag.length()))
{
// Save this position off.
lastpos = thispos + keytag.length();
{
// Save this position off.
lastpos = thispos + keytag.length();
// search for the end-tag
if ((thispos = strstr(lastpos, "/>")) != NULL) {
string key = buf.substr(lastpos-line, thispos-lastpos);
trimspace(key);
// search for the end-tag
if ((thispos = strstr(lastpos, "/>")) != NULL) {
string key = buf.substr(lastpos-line, thispos-lastpos);
trimspace(key);
const char* p = parameters.getParameter(key.c_str());
if (!p && e)
p = e->getProperty(key.c_str());
const char* p = parameters.getParameter(key.c_str());
if (!p && e)
p = e->getProperty(key.c_str());
{
// Save this position off.
lastpos = thispos + iftag.length();
{
// Save this position off.
lastpos = thispos + iftag.length();
// search for the end of this tag
if ((thispos = strchr(lastpos, '>')) != NULL) {
string key = buf.substr(lastpos-line, thispos-lastpos);
// search for the end of this tag
if ((thispos = strchr(lastpos, '>')) != NULL) {
string key = buf.substr(lastpos-line, thispos-lastpos);
{
// Save this position off.
lastpos = thispos + ifnottag.length();
{
// Save this position off.
lastpos = thispos + ifnottag.length();
// search for the end of this tag
if ((thispos = strchr(lastpos, '>')) != NULL) {
string key = buf.substr(lastpos-line, thispos-lastpos);
// search for the end of this tag
if ((thispos = strchr(lastpos, '>')) != NULL) {
string key = buf.substr(lastpos-line, thispos-lastpos);
string buf,line;
while (getline(is, line))
buf += line + '\n';
string buf,line;
while (getline(is, line))
buf += line + '\n';
const char* pos=buf.c_str();
process(true, buf, pos, os, parameters, e);
}
const char* pos=buf.c_str();
process(true, buf, pos, os, parameters, e);
}
{
MAKE_NONCOPYABLE(TemplateEngine);
public:
{
MAKE_NONCOPYABLE(TemplateEngine);
public:
TemplateEngine() {
setTagPrefix("mlp");
}
TemplateEngine() {
setTagPrefix("mlp");
}
const XMLToolingException* e=NULL
) const;
const XMLToolingException* e=NULL
) const;
+ /**
+ * List of non-built-in characters considered "unsafe" and requiring HTML encoding.
+ * The default set is #%&():[]\\`{}
+ */
+ static std::string unsafe_chars;
+
private:
void trimspace(std::string& s) const;
void html_encode(std::ostream& os, const char* start) const;
private:
void trimspace(std::string& s) const;
void html_encode(std::ostream& os, const char* start) const;
TemplateEngine::TemplateParameters p;
p.m_map["foo1"] = "bar1";
p.m_map["foo3"] = "bar3";
TemplateEngine::TemplateParameters p;
p.m_map["foo1"] = "bar1";
p.m_map["foo3"] = "bar3";
+ p.m_map["encoded"] = "http://www.example.org/foo/bar#foobar";
string path = data_path + "template.in";
ifstream in(path.c_str());
string path = data_path + "template.in";
ifstream in(path.c_str());
<mlp foo3/>
</mlpifnot>
</mlpif>
<mlp foo3/>
</mlpifnot>
</mlpif>
+
+http://www.example.org/foo/bar#foobar