Ejemplo n.º 1
0
        /// <summary>
        /// Returns HTML-escaped text as a SafeHtml object.
        ///
        /// If text is of a type that implements
        /// {@code goog.i18n.bidi.DirectionalString}, the directionality of the new
        /// {@code SafeHtml} object is set to {@code text}'s directionality, if known.
        /// Otherwise, the directionality of the resulting SafeHtml is unknown (i.e.,
        /// {@code null}).
        /// </summary>
        /// <param name="opt_html">The text to escape. If
        /// the parameter is of type SafeHtml it is returned directly (no escaping
        /// is done).</param>
        /// <returns>The escaped text, wrapped as a SafeHtml.</returns>
        public static SafeHtml htmlEscape(object textOrHtml_)
        {
            if (textOrHtml_ is goog.html.SafeHtml)
            {
                return(textOrHtml_ as goog.html.SafeHtml);
            }
            var textOrHtml = textOrHtml_ as goog.html.ISafeCode;

            goog.i18n.bidi.Dir dir = null;
            if (textOrHtml != null && textOrHtml.implementsGoogI18nBidiDirectionalString)
            {
                dir = textOrHtml.getDirection();
            }
            string textAsString;

            if (textOrHtml != null && textOrHtml.implementsGoogStringTypedString)
            {
                textAsString = textOrHtml.getTypedStringValue();
            }
            else
            {
                textAsString = textOrHtml_.ToString();
            }
            return(goog.html.SafeHtml.createSafeHtmlSecurityPrivateDoNotAccessOrElse(
                       [email protected](textAsString), dir));
        }
Ejemplo n.º 2
0
        /// <summary>
        /// Like create() but does not restrict which tags can be constructed.
        /// </summary>
        /// <param name="tagName"></param>
        /// <param name="opt_attributes"></param>
        /// <param name="opt_content"></param>
        /// <returns></returns>
        public static SafeHtml createSafeHtmlTagSecurityPrivateDoNotAccessOrElse(string tagName, Dictionary <string, object> opt_attributes = null, JsArray <SafeHtml> opt_content = null)
        {
            goog.i18n.bidi.Dir dir = null;
            var result             = "<" + tagName;

            result += goog.html.SafeHtml.stringifyAttributes(tagName, opt_attributes);

            var content = opt_content;

            if (content == null)
            {
                content = new JsArray <SafeHtml>();
            }
            else if (!(content is IEnumerable <SafeHtml>))
            {
                content = new JsArray <SafeHtml>((IEnumerable <SafeHtml>)content);
            }

            if (goog.dom.tags.isVoidTag(tagName.ToLowerCase()))
            {
                goog.asserts.assert(
                    content.Length == 0, "Void tag <" + tagName + "> does not allow content.");
                result += ">";
            }
            else
            {
                var html = goog.html.SafeHtml.concat(content);
                result += ">" + goog.html.SafeHtml.unwrap(html) + "</" + tagName + ">";
                dir     = html.getDirection();
            }

            var dirAttribute = opt_attributes != null && opt_attributes.ContainsKey("dir") ? (string)opt_attributes["dir"] : null;

            if (dirAttribute != null)
            {
                if (new Regex(@"^(ltr|rtl|auto)$", RegexOptions.IgnoreCase).Test(dirAttribute))
                {
                    // If the tag has the "dir" attribute specified then its direction is
                    // neutral because it can be safely used in any context.
                    dir = goog.i18n.bidi.Dir.NEUTRAL;
                }
                else
                {
                    dir = null;
                }
            }

            return(goog.html.SafeHtml.createSafeHtmlSecurityPrivateDoNotAccessOrElse(
                       result, dir));
        }
Ejemplo n.º 3
0
 public SafeHtml()
 {
     privateDoNotAccessOrElseSafeHtmlWrappedValue_     = "";
     SAFE_HTML_TYPE_MARKER_GOOG_HTML_SECURITY_PRIVATE_ = TYPE_MARKER_GOOG_HTML_SECURITY_PRIVATE_;
     dir_ = null;
 }
Ejemplo n.º 4
0
 /// <summary>
 /// Called from createSafeHtmlSecurityPrivateDoNotAccessOrElse(). This
 /// method exists only so that the compiler can dead code eliminate static
 /// fields (like EMPTY) when they're not accessed.
 /// </summary>
 /// <param name="html"></param>
 /// <param name="dir"></param>
 /// <returns></returns>
 private SafeHtml initSecurityPrivateDoNotAccessOrElse_(string html, goog.i18n.bidi.Dir dir)
 {
     this.privateDoNotAccessOrElseSafeHtmlWrappedValue_ = html;
     this.dir_ = dir;
     return(this);
 }
Ejemplo n.º 5
0
 /// <summary>
 /// Package-internal utility method to create SafeHtml instances.
 /// </summary>
 /// <param name="html">The string to initialize the SafeHtml object with.</param>
 /// <param name="dir">The directionality of the SafeHtml to be
 /// constructed, or null if unknown.</param>
 /// <returns>The initialized SafeHtml object.</returns>
 public static SafeHtml createSafeHtmlSecurityPrivateDoNotAccessOrElse(string html, goog.i18n.bidi.Dir dir)
 {
     return((new goog.html.SafeHtml()).initSecurityPrivateDoNotAccessOrElse_(
                html, dir));
 }