vanitasvitae/Smack
1
0
Fork 0
mirror of https://github.com/vanitasvitae/Smack.git synced 2025-09-10 17:49:38 +02:00
Code Issues Releases Wiki Activity

1) SMACK-170 - Added JID escaping capabilities to SMACK.

Browse source 
2) Escaping form field values to prevent bad xml.

git-svn-id: http://svn.igniterealtime.org/svn/repos/smack/trunk@5363 b35dd754-fafc-0310-a699-88a17e54d16e
This commit is contained in:
Derek DeMoro 2006-09-14 15:19:39 +00:00 committed by derek
parent 1df8baa6f7
commit 85781a7158
8 changed files with 83 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

55
source/org/jivesoftware/smack/util/StringUtils.java
View file

@ -47,7 +47,7 @@ public class StringUtils {
if (XMPPAddress == null) {
return null;
}
int atIndex = XMPPAddress.indexOf("@");
int atIndex = XMPPAddress.lastIndexOf("@");
if (atIndex <= 0) {
return "";
}
@ -68,7 +68,7 @@ public class StringUtils {
if (XMPPAddress == null) {
return null;
}
int atIndex = XMPPAddress.indexOf("@");
int atIndex = XMPPAddress.lastIndexOf("@");
// If the String ends with '@', return the empty string.
if (atIndex + 1 > XMPPAddress.length()) {
return "";
@ -127,6 +127,8 @@ public class StringUtils {
}
}
/**
* Escapes the node portion of a JID according to "JID Escaping" (JEP-0106).
* Escaping replaces characters prohibited by node-prep with escape sequences,
@ -166,15 +168,9 @@ public class StringUtils {
for (int i=0, n=node.length(); i<n; i++) {
char c = node.charAt(i);
switch (c) {
case '"': buf.append("\\22"); break;
case '&': buf.append("\\26"); break;
case '\'': buf.append("\\27"); break;
case '/': buf.append("\\2f"); break;
case ':': buf.append("\\3a"); break;
case '<': buf.append("\\3c"); break;
case '>': buf.append("\\3e"); break;
case '@': buf.append("\\40"); break;
case '\\': buf.append("\\5c"); break;
default: {
if (Character.isWhitespace(c)) {
buf.append("\\20");
@ -188,6 +184,43 @@ public class StringUtils {
return buf.toString();
}
/**
* Escapes a complete JID by examing the Node itself and escaping
* when neccessary.
* @param jid the users JID
* @return the escaped JID.
*/
public static String escapeJID(String jid){
if(jid == null){
return null;
}
final StringBuilder builder = new StringBuilder();
String node = parseName(jid);
String restOfJID = jid.substring(node.length());
builder.append(escapeNode(node));
builder.append(restOfJID);
return builder.toString();
}
/**
* Unescapes a complete JID by examing the node itself and unescaping when necessary.
* @param jid the users jid.
* @return the unescaped JID.
*/
public static String unescapeJID(String jid){
if(jid == null){
return null;
}
final StringBuilder builder = new StringBuilder();
String node = parseName(jid);
String restOfJID = jid.substring(node.length());
builder.append(unescapeNode(node));
builder.append(restOfJID);
return builder.toString();
}
/**
* Un-escapes the node portion of a JID according to "JID Escaping" (JEP-0106).<p>
* Escaping replaces characters prohibited by node-prep with escape sequences,
@ -308,7 +341,7 @@ public class StringUtils {
if (i > last) {
out.append(input, last, i - last);
}
// Do nothing if the string is of the form &#235; (unicode value)
// Do nothing if the string is of the form &#235; (unicode value)
if (!(len > i + 5
&& input[i + 1] == '#'
&& Character.isDigit(input[i + 2])