PageRenderTime 73ms CodeModel.GetById 9ms app.highlight 59ms RepoModel.GetById 1ms app.codeStats 0ms

/BlogEngine/BlogEngine.NET/editors/tiny_mce_3_4_3_1/plugins/insertcode/js/encoder.js

#
JavaScript | 215 lines | 140 code | 40 blank | 35 comment | 34 complexity | 536f9cfd7531ae779600530d74b0c4a6 MD5 | raw file
  1
  2/*
  3   From http://www.strictly-software.com/htmlencode
  4*/
  5
  6Encoder = {
  7
  8	// When encoding do we convert characters into html or numerical entities
  9	EncodeType : "entity",  // entity OR numerical
 10
 11	isEmpty : function(val){
 12		if(val){
 13			return ((val===null) || val.length==0 || /^\s+$/.test(val));
 14		}else{
 15			return true;
 16		}
 17	},
 18	// Convert HTML entities into numerical entities
 19	HTML2Numerical : function(s){
 20		var arr1 = new Array(' ','¡','¢','£','¤','¥','¦','§','¨','©','ª','«','¬','­','®','¯','°','±','²','³','´','µ','¶','·','¸','¹','º','»','¼','½','¾','¿','à','á','â','ã','Ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','Ö','×','ø','ù','ú','û','Ü','ý','þ','ß','à','á','â','ã','ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','ö','÷','Ø','ù','ú','û','ü','ý','þ','ÿ','"','&','<','>','œ','œ','š','š','ÿ','ˆ','˜',' ',' ',' ','‌','‍','‎','‏','–','—','‘','’','‚','“','”','„','†','†','‰','‹','›','€','ƒ','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','σ','τ','υ','φ','χ','ψ','ω','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','ς','σ','τ','υ','φ','χ','ψ','ω','ϑ','ϒ','ϖ','•','…','′','′','‾','⁄','℘','ℑ','ℜ','™','ℵ','←','↑','→','↓','↔','↵','←','↑','→','↓','↔','∀','∂','∃','∅','∇','∈','∉','∋','∏','∑','−','∗','√','∝','∞','∠','∧','∨','∩','∪','∫','∴','∼','≅','≈','≠','≡','≤','≥','⊂','⊃','⊄','⊆','⊇','⊕','⊗','⊥','⋅','⌈','⌉','⌊','⌋','⟨','⟩','◊','♠','♣','♥','♦');
 21		var arr2 = new Array(' ','¡','¢','£','¤','¥','¦','§','¨','©','ª','«','¬','­','®','¯','°','±','²','³','´','µ','¶','·','¸','¹','º','»','¼','½','¾','¿','À','Á','Â','Ã','Ä','Å','Æ','Ç','È','É','Ê','Ë','Ì','Í','Î','Ï','Ð','Ñ','Ò','Ó','Ô','Õ','Ö','×','Ø','Ù','Ú','Û','Ü','Ý','Þ','ß','à','á','â','ã','ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','ö','÷','ø','ù','ú','û','ü','ý','þ','ÿ','"','&','<','>','Œ','œ','Š','š','Ÿ','ˆ','˜',' ',' ',' ','‌','‍','‎','‏','–','—','‘','’','‚','“','”','„','†','‡','‰','‹','›','€','ƒ','Α','Β','Γ','Δ','Ε','Ζ','Η','Θ','Ι','Κ','Λ','Μ','Ν','Ξ','Ο','Π','Ρ','Σ','Τ','Υ','Φ','Χ','Ψ','Ω','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','ς','σ','τ','υ','φ','χ','ψ','ω','ϑ','ϒ','ϖ','•','…','′','″','‾','⁄','℘','ℑ','ℜ','™','ℵ','←','↑','→','↓','↔','↵','⇐','⇑','⇒','⇓','⇔','∀','∂','∃','∅','∇','∈','∉','∋','∏','∑','−','∗','√','∝','∞','∠','∧','∨','∩','∪','∫','∴','∼','≅','≈','≠','≡','≤','≥','⊂','⊃','⊄','⊆','⊇','⊕','⊗','⊥','⋅','⌈','⌉','⌊','⌋','〈','〉','◊','♠','♣','♥','♦');
 22		return this.swapArrayVals(s,arr1,arr2);
 23	},	
 24
 25	// Convert Numerical entities into HTML entities
 26	NumericalToHTML : function(s){
 27		var arr1 = new Array(' ','¡','¢','£','¤','¥','¦','§','¨','©','ª','«','¬','­','®','¯','°','±','²','³','´','µ','¶','·','¸','¹','º','»','¼','½','¾','¿','À','Á','Â','Ã','Ä','Å','Æ','Ç','È','É','Ê','Ë','Ì','Í','Î','Ï','Ð','Ñ','Ò','Ó','Ô','Õ','Ö','×','Ø','Ù','Ú','Û','Ü','Ý','Þ','ß','à','á','â','ã','ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','ö','÷','ø','ù','ú','û','ü','ý','þ','ÿ','"','&','<','>','Œ','œ','Š','š','Ÿ','ˆ','˜',' ',' ',' ','‌','‍','‎','‏','–','—','‘','’','‚','“','”','„','†','‡','‰','‹','›','€','ƒ','Α','Β','Γ','Δ','Ε','Ζ','Η','Θ','Ι','Κ','Λ','Μ','Ν','Ξ','Ο','Π','Ρ','Σ','Τ','Υ','Φ','Χ','Ψ','Ω','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','ς','σ','τ','υ','φ','χ','ψ','ω','ϑ','ϒ','ϖ','•','…','′','″','‾','⁄','℘','ℑ','ℜ','™','ℵ','←','↑','→','↓','↔','↵','⇐','⇑','⇒','⇓','⇔','∀','∂','∃','∅','∇','∈','∉','∋','∏','∑','−','∗','√','∝','∞','∠','∧','∨','∩','∪','∫','∴','∼','≅','≈','≠','≡','≤','≥','⊂','⊃','⊄','⊆','⊇','⊕','⊗','⊥','⋅','⌈','⌉','⌊','⌋','〈','〉','◊','♠','♣','♥','♦');
 28		var arr2 = new Array(' ','¡','¢','£','¤','¥','¦','§','¨','©','ª','«','¬','­','®','¯','°','±','²','³','´','µ','¶','·','¸','¹','º','»','¼','½','¾','¿','à','á','â','ã','Ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','Ö','×','ø','ù','ú','û','Ü','ý','þ','ß','à','á','â','ã','ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','ö','÷','Ø','ù','ú','û','ü','ý','þ','ÿ','"','&','<','>','œ','œ','š','š','ÿ','ˆ','˜',' ',' ',' ','‌','‍','‎','‏','–','—','‘','’','‚','“','”','„','†','†','‰','‹','›','€','ƒ','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','σ','τ','υ','φ','χ','ψ','ω','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','ς','σ','τ','υ','φ','χ','ψ','ω','ϑ','ϒ','ϖ','•','…','′','′','‾','⁄','℘','ℑ','ℜ','™','ℵ','←','↑','→','↓','↔','↵','←','↑','→','↓','↔','∀','∂','∃','∅','∇','∈','∉','∋','∏','∑','−','∗','√','∝','∞','∠','∧','∨','∩','∪','∫','∴','∼','≅','≈','≠','≡','≤','≥','⊂','⊃','⊄','⊆','⊇','⊕','⊗','⊥','⋅','⌈','⌉','⌊','⌋','⟨','⟩','◊','♠','♣','♥','♦');
 29		return this.swapArrayVals(s,arr1,arr2);
 30	},
 31
 32
 33	// Numerically encodes all unicode characters
 34	numEncode : function(s){
 35		
 36		if(this.isEmpty(s)) return "";
 37
 38		var e = "";
 39		for (var i = 0; i < s.length; i++)
 40		{
 41			var c = s.charAt(i);
 42			if (c < " " || c > "~")
 43			{
 44				c = "&#" + c.charCodeAt() + ";";
 45			}
 46			e += c;
 47		}
 48		return e;
 49	},
 50	
 51	// HTML Decode numerical and HTML entities back to original values
 52	htmlDecode : function(s){
 53
 54		var c,m,d = s;
 55		
 56		if(this.isEmpty(d)) return "";
 57
 58		// convert HTML entites back to numerical entites first
 59		d = this.HTML2Numerical(d);
 60		
 61		// look for numerical entities &#34;
 62		arr=d.match(/&#[0-9]{1,5};/g);
 63		
 64		// if no matches found in string then skip
 65		if(arr!=null){
 66			for(var x=0;x<arr.length;x++){
 67				m = arr[x];
 68				c = m.substring(2,m.length-1); //get numeric part which is refernce to unicode character
 69				// if its a valid number we can decode
 70				if(c >= -32768 && c <= 65535){
 71					// decode every single match within string
 72					d = d.replace(m, String.fromCharCode(c));
 73				}else{
 74					d = d.replace(m, ""); //invalid so replace with nada
 75				}
 76			}			
 77		}
 78
 79		return d;
 80	},		
 81
 82	// encode an input string into either numerical or HTML entities
 83	htmlEncode : function(s,dbl){
 84			
 85		if(this.isEmpty(s)) return "";
 86
 87		// do we allow double encoding? E.g will &amp; be turned into &amp;amp;
 88		dbl = dbl | false; //default to prevent double encoding
 89		
 90		// if allowing double encoding we do ampersands first
 91		if(dbl){
 92			if(this.EncodeType=="numerical"){
 93				s = s.replace(/&/g, "&#38;");
 94			}else{
 95				s = s.replace(/&/g, "&amp;");
 96			}
 97		}
 98
 99		// convert the xss chars to numerical entities ' " < >
100		s = this.XSSEncode(s,false);
101		
102		if(this.EncodeType=="numerical" || !dbl){
103			// Now call function that will convert any HTML entities to numerical codes
104			s = this.HTML2Numerical(s);
105		}
106
107		// Now encode all chars above 127 e.g unicode
108		s = this.numEncode(s);
109
110		// now we know anything that needs to be encoded has been converted to numerical entities we
111		// can encode any ampersands & that are not part of encoded entities
112		// to handle the fact that I need to do a negative check and handle multiple ampersands &&&
113		// I am going to use a placeholder
114
115		// if we don't want double encoded entities we ignore the & in existing entities
116		if(!dbl){
117			s = s.replace(/&#/g,"##AMPHASH##");
118		
119			if(this.EncodeType=="numerical"){
120				s = s.replace(/&/g, "&#38;");
121			}else{
122				s = s.replace(/&/g, "&amp;");
123			}
124
125			s = s.replace(/##AMPHASH##/g,"&#");
126		}
127		
128		// replace any malformed entities
129		s = s.replace(/&#\d*([^\d;]|$)/g, "$1");
130
131		if(!dbl){
132			// safety check to correct any double encoded &amp;
133			s = this.correctEncoding(s);
134		}
135
136		// now do we need to convert our numerical encoded string into entities
137		if(this.EncodeType=="entity"){
138			s = this.NumericalToHTML(s);
139		}
140
141		return s;					
142	},
143
144	// Encodes the basic 4 characters used to malform HTML in XSS hacks
145	XSSEncode : function(s,en){
146		if(!this.isEmpty(s)){
147			en = en || true;
148			// do we convert to numerical or html entity?
149			if(en){
150				s = s.replace(/\'/g,"&#39;"); //no HTML equivalent as &apos is not cross browser supported
151				s = s.replace(/\"/g,"&quot;");
152				s = s.replace(/</g,"&lt;");
153				s = s.replace(/>/g,"&gt;");
154			}else{
155				s = s.replace(/\'/g,"&#39;"); //no HTML equivalent as &apos is not cross browser supported
156				s = s.replace(/\"/g,"&#34;");
157				s = s.replace(/</g,"&#60;");
158				s = s.replace(/>/g,"&#62;");
159			}
160			return s;
161		}else{
162			return "";
163		}
164	},
165
166	// returns true if a string contains html or numerical encoded entities
167	hasEncoded : function(s){
168		if(/&#[0-9]{1,5};/g.test(s)){
169			return true;
170		}else if(/&[A-Z]{2,6};/gi.test(s)){
171			return true;
172		}else{
173			return false;
174		}
175	},
176
177	// will remove any unicode characters
178	stripUnicode : function(s){
179		return s.replace(/[^\x20-\x7E]/g,"");
180		
181	},
182
183	// corrects any double encoded &amp; entities e.g &amp;amp;
184	correctEncoding : function(s){
185		return s.replace(/(&amp;)(amp;)+/,"$1");
186	},
187
188
189	// Function to loop through an array swaping each item with the value from another array e.g swap HTML entities with Numericals
190	swapArrayVals : function(s,arr1,arr2){
191		if(this.isEmpty(s)) return "";
192		var re;
193		if(arr1 && arr2){
194			//ShowDebug("in swapArrayVals arr1.length = " + arr1.length + " arr2.length = " + arr2.length)
195			// array lengths must match
196			if(arr1.length == arr2.length){
197				for(var x=0,i=arr1.length;x<i;x++){
198					re = new RegExp(arr1[x], 'g');
199					s = s.replace(re,arr2[x]); //swap arr1 item with matching item from arr2	
200				}
201			}
202		}
203		return s;
204	},
205
206	inArray : function( item, arr ) {
207		for ( var i = 0, x = arr.length; i < x; i++ ){
208			if ( arr[i] === item ){
209				return i;
210			}
211		}
212		return -1;
213	}
214
215}