OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2012 Apple Inc. All rights
reserved. | 2 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2012 Apple Inc. All rights
reserved. |
3 * Copyright (C) 2009, 2010 Google Inc. All rights reserved. | 3 * Copyright (C) 2009, 2010 Google Inc. All rights reserved. |
4 * | 4 * |
5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
6 * modification, are permitted provided that the following conditions | 6 * modification, are permitted provided that the following conditions |
7 * are met: | 7 * are met: |
8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
(...skipping 192 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
203 void MarkupAccumulator::appendAttributeValue(StringBuilder& result, const String
& attribute, bool documentIsHTML) | 203 void MarkupAccumulator::appendAttributeValue(StringBuilder& result, const String
& attribute, bool documentIsHTML) |
204 { | 204 { |
205 appendCharactersReplacingEntities(result, attribute, 0, attribute.length(), | 205 appendCharactersReplacingEntities(result, attribute, 0, attribute.length(), |
206 documentIsHTML ? EntityMaskInHTMLAttributeValue : EntityMaskInAttributeV
alue); | 206 documentIsHTML ? EntityMaskInHTMLAttributeValue : EntityMaskInAttributeV
alue); |
207 } | 207 } |
208 | 208 |
209 void MarkupAccumulator::appendCustomAttributes(StringBuilder&, const Element&, N
amespaces*) | 209 void MarkupAccumulator::appendCustomAttributes(StringBuilder&, const Element&, N
amespaces*) |
210 { | 210 { |
211 } | 211 } |
212 | 212 |
213 void MarkupAccumulator::appendQuotedURLAttributeValue(StringBuilder& result, con
st Element& element, const Attribute& attribute) | 213 void MarkupAccumulator::appendHTMLEscapedURLAttributeValue(StringBuilder& result
, const Element& element, const Attribute& attribute) |
214 { | 214 { |
215 ASSERT(element.isURLAttribute(attribute)); | 215 ASSERT(element.isURLAttribute(attribute)); |
216 const String resolvedURLString = resolveURLIfNeeded(element, attribute.value
()); | 216 const String resolvedURLString = resolveURLIfNeeded(element, attribute.value
()); |
217 UChar quoteChar = '"'; | 217 UChar quoteChar = '"'; |
218 String strippedURLString = resolvedURLString.stripWhiteSpace(); | 218 String strippedURLString = resolvedURLString.stripWhiteSpace(); |
219 if (protocolIsJavaScript(strippedURLString)) { | 219 if (protocolIsJavaScript(strippedURLString)) { |
220 // minimal escaping for javascript urls | 220 // minimal escaping for javascript urls |
| 221 if (strippedURLString.contains('&')) |
| 222 strippedURLString.replaceWithLiteral('&', "&"); |
| 223 |
221 if (strippedURLString.contains('"')) { | 224 if (strippedURLString.contains('"')) { |
222 if (strippedURLString.contains('\'')) | 225 if (strippedURLString.contains('\'')) |
223 strippedURLString.replaceWithLiteral('"', """); | 226 strippedURLString.replaceWithLiteral('"', """); |
224 else | 227 else |
225 quoteChar = '\''; | 228 quoteChar = '\''; |
226 } | 229 } |
227 result.append(quoteChar); | 230 result.append(quoteChar); |
228 result.append(strippedURLString); | 231 result.append(strippedURLString); |
229 result.append(quoteChar); | 232 result.append(quoteChar); |
230 return; | 233 return; |
(...skipping 236 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
467 appendNamespace(result, prefixedName.prefix(), attribute.namespa
ceURI(), *namespaces); | 470 appendNamespace(result, prefixedName.prefix(), attribute.namespa
ceURI(), *namespaces); |
468 } | 471 } |
469 } | 472 } |
470 result.append(' '); | 473 result.append(' '); |
471 result.append(prefixedName.toString()); | 474 result.append(prefixedName.toString()); |
472 } | 475 } |
473 | 476 |
474 result.append('='); | 477 result.append('='); |
475 | 478 |
476 if (element.isURLAttribute(attribute)) { | 479 if (element.isURLAttribute(attribute)) { |
477 appendQuotedURLAttributeValue(result, element, attribute); | 480 appendHTMLEscapedURLAttributeValue(result, element, attribute); |
478 } else { | 481 } else { |
479 result.append('"'); | 482 result.append('"'); |
480 appendAttributeValue(result, attribute.value(), documentIsHTML); | 483 appendAttributeValue(result, attribute.value(), documentIsHTML); |
481 result.append('"'); | 484 result.append('"'); |
482 } | 485 } |
483 } | 486 } |
484 | 487 |
485 void MarkupAccumulator::appendCDATASection(StringBuilder& result, const String&
section) | 488 void MarkupAccumulator::appendCDATASection(StringBuilder& result, const String&
section) |
486 { | 489 { |
487 // FIXME: CDATA content is not escaped, but XMLSerializer (and possibly othe
r callers) should raise an exception if it includes "]]>". | 490 // FIXME: CDATA content is not escaped, but XMLSerializer (and possibly othe
r callers) should raise an exception if it includes "]]>". |
(...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
585 | 588 |
586 String str = node.nodeValue(); | 589 String str = node.nodeValue(); |
587 if (startPosition().containerNode() == node) | 590 if (startPosition().containerNode() == node) |
588 str.truncate(endPosition().offsetInContainerNode()); | 591 str.truncate(endPosition().offsetInContainerNode()); |
589 if (endPosition().containerNode() == node) | 592 if (endPosition().containerNode() == node) |
590 str.remove(0, startPosition().offsetInContainerNode()); | 593 str.remove(0, startPosition().offsetInContainerNode()); |
591 return str; | 594 return str; |
592 } | 595 } |
593 | 596 |
594 } | 597 } |
OLD | NEW |