| 'use strict'; |
| |
| // Declare internals |
| |
| const internals = {}; |
| |
| |
| exports.escapeJavaScript = function (input) { |
| |
| if (!input) { |
| return ''; |
| } |
| |
| let escaped = ''; |
| |
| for (let i = 0; i < input.length; ++i) { |
| |
| const charCode = input.charCodeAt(i); |
| |
| if (internals.isSafe(charCode)) { |
| escaped += input[i]; |
| } |
| else { |
| escaped += internals.escapeJavaScriptChar(charCode); |
| } |
| } |
| |
| return escaped; |
| }; |
| |
| |
| exports.escapeHtml = function (input) { |
| |
| if (!input) { |
| return ''; |
| } |
| |
| let escaped = ''; |
| |
| for (let i = 0; i < input.length; ++i) { |
| |
| const charCode = input.charCodeAt(i); |
| |
| if (internals.isSafe(charCode)) { |
| escaped += input[i]; |
| } |
| else { |
| escaped += internals.escapeHtmlChar(charCode); |
| } |
| } |
| |
| return escaped; |
| }; |
| |
| |
| exports.escapeJson = function (input) { |
| |
| if (!input) { |
| return ''; |
| } |
| |
| const lessThan = 0x3C; |
| const greaterThan = 0x3E; |
| const andSymbol = 0x26; |
| const lineSeperator = 0x2028; |
| |
| // replace method |
| let charCode; |
| return input.replace(/[<>&\u2028\u2029]/g, (match) => { |
| |
| charCode = match.charCodeAt(0); |
| |
| if (charCode === lessThan) { |
| return '\\u003c'; |
| } |
| else if (charCode === greaterThan) { |
| return '\\u003e'; |
| } |
| else if (charCode === andSymbol) { |
| return '\\u0026'; |
| } |
| else if (charCode === lineSeperator) { |
| return '\\u2028'; |
| } |
| return '\\u2029'; |
| }); |
| }; |
| |
| |
| internals.escapeJavaScriptChar = function (charCode) { |
| |
| if (charCode >= 256) { |
| return '\\u' + internals.padLeft('' + charCode, 4); |
| } |
| |
| const hexValue = Buffer.from(String.fromCharCode(charCode), 'ascii').toString('hex'); |
| return '\\x' + internals.padLeft(hexValue, 2); |
| }; |
| |
| |
| internals.escapeHtmlChar = function (charCode) { |
| |
| const namedEscape = internals.namedHtml[charCode]; |
| if (typeof namedEscape !== 'undefined') { |
| return namedEscape; |
| } |
| |
| if (charCode >= 256) { |
| return '&#' + charCode + ';'; |
| } |
| |
| const hexValue = Buffer.from(String.fromCharCode(charCode), 'ascii').toString('hex'); |
| return '&#x' + internals.padLeft(hexValue, 2) + ';'; |
| }; |
| |
| |
| internals.padLeft = function (str, len) { |
| |
| while (str.length < len) { |
| str = '0' + str; |
| } |
| |
| return str; |
| }; |
| |
| |
| internals.isSafe = function (charCode) { |
| |
| return (typeof internals.safeCharCodes[charCode] !== 'undefined'); |
| }; |
| |
| |
| internals.namedHtml = { |
| '38': '&', |
| '60': '<', |
| '62': '>', |
| '34': '"', |
| '160': ' ', |
| '162': '¢', |
| '163': '£', |
| '164': '¤', |
| '169': '©', |
| '174': '®' |
| }; |
| |
| |
| internals.safeCharCodes = (function () { |
| |
| const safe = {}; |
| |
| for (let i = 32; i < 123; ++i) { |
| |
| if ((i >= 97) || // a-z |
| (i >= 65 && i <= 90) || // A-Z |
| (i >= 48 && i <= 57) || // 0-9 |
| i === 32 || // space |
| i === 46 || // . |
| i === 44 || // , |
| i === 45 || // - |
| i === 58 || // : |
| i === 95) { // _ |
| |
| safe[i] = null; |
| } |
| } |
| |
| return safe; |
| }()); |
