You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Marc Slemko <ma...@znep.com> on 2000/02/02 23:29:07 UTC
Re: cvs commit: apache-site/info/css-security encoding_examples.html
On 2 Feb 2000 marc@hyperreal.org wrote:
> marc 00/02/02 11:26:04
>
> Modified: info/css-security encoding_examples.html
> Log:
> Sigh. The Java code is GPLed, so I am removing it.
If anyone has reliable Java code for doing this that is under a less
restrictive license, let me know or add it yourself...
>
> Revision Changes Path
> 1.4 +0 -44 apache-site/info/css-security/encoding_examples.html
>
> Index: encoding_examples.html
> ===================================================================
> RCS file: /export/home/cvs/apache-site/info/css-security/encoding_examples.html,v
> retrieving revision 1.3
> retrieving revision 1.4
> diff -u -r1.3 -r1.4
> --- encoding_examples.html 2000/02/02 19:17:41 1.3
> +++ encoding_examples.html 2000/02/02 19:26:03 1.4
> @@ -163,49 +163,5 @@
> http://stein.cshl.org/WWW/software/CGI/</A> for more details on what
> this module can do.
>
> -<H2>Java Example:</H2>
> -
> -Unfortunately, Java does not include a standard method for entity
> -encoding data. One possible method, taken from the <A
> -HREF="http://www.bitmechanic.com/projects/gsp/">GSP</A> code, is:
> -
> -<PRE>
> -
> -public static String escapeValue(String str) {
> - str = replace(str, '&', "&amp;");
> - str = replace(str, '"', "&quot;");
> - str = replace(str, '<', "&lt;");
> - str = replace(str, '>', "&gt;");
> - return str;
> -}
> -
> -public static String replace(String str, char ch, String replace) {
> - int pos = str.indexOf(ch);
> - if(pos == -1) return str;
> - StringBuffer buff = new StringBuffer(str.length() + 32);
> - int start = 0;
> - while(pos != -1 && start < str.length()) {
> - buff.append(str.substring(start, pos));
> - buff.append(replace);
> -
> - start = pos + 1;
> - if(start < str.length()) pos = str.indexOf(ch, start);
> - }
> - if(start < str.length()) buff.append(str.substring(start));
> - return buff.toString();
> -}
> -
> -</PRE>
> -
> -You would use this in a manner such as:
> -
> -<PRE>
> -String Text = "foo<b>bar";
> -String URL = "foo<b>bar.html";
> -
> -System.out.println(escapeValue(Text));
> -System.out.println(java.net.URLEncoder.encode(URL));
> -</PRE>
> -
> </BODY>
> </HTML>
>
>
>
>