Difuse/luci
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

libs/core: rework luci.util.pcdata() to also escape ascii control chars

Browse source
This commit is contained in:
Jo-Philipp Wich 2009-01-25 12:29:37 +00:00
parent 918e1f8658
commit e226a77b24
1 changed files with 16 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
libs/core/luasrc/util.lua
View file

@ -193,16 +193,24 @@ end
--- Create valid XML PCDATA from given string. --- Create valid XML PCDATA from given string.
-- @param value String value containing the data to escape -- @param value String value containing the data to escape
-- @return String value containing the escaped data -- @return String value containing the escaped data
local _pcdata_repl = { local function _pcdata_repl(c)
["&"] = "&", local i = string.byte(c)
['"'] = """,
["'"] = "&#39;", if ( i >= 0x00 and i <= 0x08 ) or
["<"] = "&#60;", ( i >= 0x0B and i <= 0x0C ) or
[">"] = "&#62;" ( i >= 0x0E and i <= 0x0F ) or
} ( i >= 0x26 and i <= 0x27 ) or
( i == 0x7F ) or ( i == 0x22 ) or
( i == 0x3C ) or ( i == 0x3E )
then
return string.format("&#%i;", i)
end
return c
end
function pcdata(value) function pcdata(value)
return value and tostring(value):gsub("[&\"'<>]", _pcdata_repl) return value and tostring(value):gsub("[&\"'<>%c]", _pcdata_repl)
end end
--- Strip HTML tags from given string. --- Strip HTML tags from given string.