/BlogEngine/BlogEngine.NET/editors/tiny_mce_3_4_3_1/plugins/insertcode/js/encoder.js
JavaScript | 215 lines | 140 code | 40 blank | 35 comment | 34 complexity | 536f9cfd7531ae779600530d74b0c4a6 MD5 | raw file
Possible License(s): LGPL-2.1, Apache-2.0, BSD-3-Clause
-
- /*
- From http://www.strictly-software.com/htmlencode
- */
-
- Encoder = {
-
- // When encoding do we convert characters into html or numerical entities
- EncodeType : "entity", // entity OR numerical
-
- isEmpty : function(val){
- if(val){
- return ((val===null) || val.length==0 || /^\s+$/.test(val));
- }else{
- return true;
- }
- },
- // Convert HTML entities into numerical entities
- HTML2Numerical : function(s){
- var arr1 = new Array(' ','¡','¢','£','¤','¥','¦','§','¨','©','ª','«','¬','­','®','¯','°','±','²','³','´','µ','¶','·','¸','¹','º','»','¼','½','¾','¿','à','á','â','ã','Ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','Ö','×','ø','ù','ú','û','Ü','ý','þ','ß','à','á','â','ã','ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','ö','÷','Ø','ù','ú','û','ü','ý','þ','ÿ','"','&','<','>','œ','œ','š','š','ÿ','ˆ','˜',' ',' ',' ','‌','‍','‎','‏','–','—','‘','’','‚','“','”','„','†','†','‰','‹','›','€','ƒ','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','σ','τ','υ','φ','χ','ψ','ω','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','ς','σ','τ','υ','φ','χ','ψ','ω','ϑ','ϒ','ϖ','•','…','′','′','‾','⁄','℘','ℑ','ℜ','™','ℵ','←','↑','→','↓','↔','↵','←','↑','→','↓','↔','∀','∂','∃','∅','∇','∈','∉','∋','∏','∑','−','∗','√','∝','∞','∠','∧','∨','∩','∪','∫','∴','∼','≅','≈','≠','≡','≤','≥','⊂','⊃','⊄','⊆','⊇','⊕','⊗','⊥','⋅','⌈','⌉','⌊','⌋','⟨','⟩','◊','♠','♣','♥','♦');
- var arr2 = new Array(' ','¡','¢','£','¤','¥','¦','§','¨','©','ª','«','¬','­','®','¯','°','±','²','³','´','µ','¶','·','¸','¹','º','»','¼','½','¾','¿','À','Á','Â','Ã','Ä','Å','Æ','Ç','È','É','Ê','Ë','Ì','Í','Î','Ï','Ð','Ñ','Ò','Ó','Ô','Õ','Ö','×','Ø','Ù','Ú','Û','Ü','Ý','Þ','ß','à','á','â','ã','ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','ö','÷','ø','ù','ú','û','ü','ý','þ','ÿ','"','&','<','>','Œ','œ','Š','š','Ÿ','ˆ','˜',' ',' ',' ','‌','‍','‎','‏','–','—','‘','’','‚','“','”','„','†','‡','‰','‹','›','€','ƒ','Α','Β','Γ','Δ','Ε','Ζ','Η','Θ','Ι','Κ','Λ','Μ','Ν','Ξ','Ο','Π','Ρ','Σ','Τ','Υ','Φ','Χ','Ψ','Ω','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','ς','σ','τ','υ','φ','χ','ψ','ω','ϑ','ϒ','ϖ','•','…','′','″','‾','⁄','℘','ℑ','ℜ','™','ℵ','←','↑','→','↓','↔','↵','⇐','⇑','⇒','⇓','⇔','∀','∂','∃','∅','∇','∈','∉','∋','∏','∑','−','∗','√','∝','∞','∠','∧','∨','∩','∪','∫','∴','∼','≅','≈','≠','≡','≤','≥','⊂','⊃','⊄','⊆','⊇','⊕','⊗','⊥','⋅','⌈','⌉','⌊','⌋','〈','〉','◊','♠','♣','♥','♦');
- return this.swapArrayVals(s,arr1,arr2);
- },
-
- // Convert Numerical entities into HTML entities
- NumericalToHTML : function(s){
- var arr1 = new Array(' ','¡','¢','£','¤','¥','¦','§','¨','©','ª','«','¬','­','®','¯','°','±','²','³','´','µ','¶','·','¸','¹','º','»','¼','½','¾','¿','À','Á','Â','Ã','Ä','Å','Æ','Ç','È','É','Ê','Ë','Ì','Í','Î','Ï','Ð','Ñ','Ò','Ó','Ô','Õ','Ö','×','Ø','Ù','Ú','Û','Ü','Ý','Þ','ß','à','á','â','ã','ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','ö','÷','ø','ù','ú','û','ü','ý','þ','ÿ','"','&','<','>','Œ','œ','Š','š','Ÿ','ˆ','˜',' ',' ',' ','‌','‍','‎','‏','–','—','‘','’','‚','“','”','„','†','‡','‰','‹','›','€','ƒ','Α','Β','Γ','Δ','Ε','Ζ','Η','Θ','Ι','Κ','Λ','Μ','Ν','Ξ','Ο','Π','Ρ','Σ','Τ','Υ','Φ','Χ','Ψ','Ω','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','ς','σ','τ','υ','φ','χ','ψ','ω','ϑ','ϒ','ϖ','•','…','′','″','‾','⁄','℘','ℑ','ℜ','™','ℵ','←','↑','→','↓','↔','↵','⇐','⇑','⇒','⇓','⇔','∀','∂','∃','∅','∇','∈','∉','∋','∏','∑','−','∗','√','∝','∞','∠','∧','∨','∩','∪','∫','∴','∼','≅','≈','≠','≡','≤','≥','⊂','⊃','⊄','⊆','⊇','⊕','⊗','⊥','⋅','⌈','⌉','⌊','⌋','〈','〉','◊','♠','♣','♥','♦');
- var arr2 = new Array(' ','¡','¢','£','¤','¥','¦','§','¨','©','ª','«','¬','­','®','¯','°','±','²','³','´','µ','¶','·','¸','¹','º','»','¼','½','¾','¿','à','á','â','ã','Ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','Ö','×','ø','ù','ú','û','Ü','ý','þ','ß','à','á','â','ã','ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','ö','÷','Ø','ù','ú','û','ü','ý','þ','ÿ','"','&','<','>','œ','œ','š','š','ÿ','ˆ','˜',' ',' ',' ','‌','‍','‎','‏','–','—','‘','’','‚','“','”','„','†','†','‰','‹','›','€','ƒ','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','σ','τ','υ','φ','χ','ψ','ω','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','ς','σ','τ','υ','φ','χ','ψ','ω','ϑ','ϒ','ϖ','•','…','′','′','‾','⁄','℘','ℑ','ℜ','™','ℵ','←','↑','→','↓','↔','↵','←','↑','→','↓','↔','∀','∂','∃','∅','∇','∈','∉','∋','∏','∑','−','∗','√','∝','∞','∠','∧','∨','∩','∪','∫','∴','∼','≅','≈','≠','≡','≤','≥','⊂','⊃','⊄','⊆','⊇','⊕','⊗','⊥','⋅','⌈','⌉','⌊','⌋','⟨','⟩','◊','♠','♣','♥','♦');
- return this.swapArrayVals(s,arr1,arr2);
- },
-
-
- // Numerically encodes all unicode characters
- numEncode : function(s){
-
- if(this.isEmpty(s)) return "";
-
- var e = "";
- for (var i = 0; i < s.length; i++)
- {
- var c = s.charAt(i);
- if (c < " " || c > "~")
- {
- c = "&#" + c.charCodeAt() + ";";
- }
- e += c;
- }
- return e;
- },
-
- // HTML Decode numerical and HTML entities back to original values
- htmlDecode : function(s){
-
- var c,m,d = s;
-
- if(this.isEmpty(d)) return "";
-
- // convert HTML entites back to numerical entites first
- d = this.HTML2Numerical(d);
-
- // look for numerical entities "
- arr=d.match(/&#[0-9]{1,5};/g);
-
- // if no matches found in string then skip
- if(arr!=null){
- for(var x=0;x<arr.length;x++){
- m = arr[x];
- c = m.substring(2,m.length-1); //get numeric part which is refernce to unicode character
- // if its a valid number we can decode
- if(c >= -32768 && c <= 65535){
- // decode every single match within string
- d = d.replace(m, String.fromCharCode(c));
- }else{
- d = d.replace(m, ""); //invalid so replace with nada
- }
- }
- }
-
- return d;
- },
-
- // encode an input string into either numerical or HTML entities
- htmlEncode : function(s,dbl){
-
- if(this.isEmpty(s)) return "";
-
- // do we allow double encoding? E.g will & be turned into &amp;
- dbl = dbl | false; //default to prevent double encoding
-
- // if allowing double encoding we do ampersands first
- if(dbl){
- if(this.EncodeType=="numerical"){
- s = s.replace(/&/g, "&");
- }else{
- s = s.replace(/&/g, "&");
- }
- }
-
- // convert the xss chars to numerical entities ' " < >
- s = this.XSSEncode(s,false);
-
- if(this.EncodeType=="numerical" || !dbl){
- // Now call function that will convert any HTML entities to numerical codes
- s = this.HTML2Numerical(s);
- }
-
- // Now encode all chars above 127 e.g unicode
- s = this.numEncode(s);
-
- // now we know anything that needs to be encoded has been converted to numerical entities we
- // can encode any ampersands & that are not part of encoded entities
- // to handle the fact that I need to do a negative check and handle multiple ampersands &&&
- // I am going to use a placeholder
-
- // if we don't want double encoded entities we ignore the & in existing entities
- if(!dbl){
- s = s.replace(/&#/g,"##AMPHASH##");
-
- if(this.EncodeType=="numerical"){
- s = s.replace(/&/g, "&");
- }else{
- s = s.replace(/&/g, "&");
- }
-
- s = s.replace(/##AMPHASH##/g,"&#");
- }
-
- // replace any malformed entities
- s = s.replace(/&#\d*([^\d;]|$)/g, "$1");
-
- if(!dbl){
- // safety check to correct any double encoded &
- s = this.correctEncoding(s);
- }
-
- // now do we need to convert our numerical encoded string into entities
- if(this.EncodeType=="entity"){
- s = this.NumericalToHTML(s);
- }
-
- return s;
- },
-
- // Encodes the basic 4 characters used to malform HTML in XSS hacks
- XSSEncode : function(s,en){
- if(!this.isEmpty(s)){
- en = en || true;
- // do we convert to numerical or html entity?
- if(en){
- s = s.replace(/\'/g,"'"); //no HTML equivalent as &apos is not cross browser supported
- s = s.replace(/\"/g,""");
- s = s.replace(/</g,"<");
- s = s.replace(/>/g,">");
- }else{
- s = s.replace(/\'/g,"'"); //no HTML equivalent as &apos is not cross browser supported
- s = s.replace(/\"/g,""");
- s = s.replace(/</g,"<");
- s = s.replace(/>/g,">");
- }
- return s;
- }else{
- return "";
- }
- },
-
- // returns true if a string contains html or numerical encoded entities
- hasEncoded : function(s){
- if(/&#[0-9]{1,5};/g.test(s)){
- return true;
- }else if(/&[A-Z]{2,6};/gi.test(s)){
- return true;
- }else{
- return false;
- }
- },
-
- // will remove any unicode characters
- stripUnicode : function(s){
- return s.replace(/[^\x20-\x7E]/g,"");
-
- },
-
- // corrects any double encoded & entities e.g &amp;
- correctEncoding : function(s){
- return s.replace(/(&)(amp;)+/,"$1");
- },
-
-
- // Function to loop through an array swaping each item with the value from another array e.g swap HTML entities with Numericals
- swapArrayVals : function(s,arr1,arr2){
- if(this.isEmpty(s)) return "";
- var re;
- if(arr1 && arr2){
- //ShowDebug("in swapArrayVals arr1.length = " + arr1.length + " arr2.length = " + arr2.length)
- // array lengths must match
- if(arr1.length == arr2.length){
- for(var x=0,i=arr1.length;x<i;x++){
- re = new RegExp(arr1[x], 'g');
- s = s.replace(re,arr2[x]); //swap arr1 item with matching item from arr2
- }
- }
- }
- return s;
- },
-
- inArray : function( item, arr ) {
- for ( var i = 0, x = arr.length; i < x; i++ ){
- if ( arr[i] === item ){
- return i;
- }
- }
- return -1;
- }
-
- }