This repository was archived by the owner on Jan 14, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 12
Expand file tree
/
Copy pathhtmlStringEncoder.js
More file actions
73 lines (64 loc) · 2.18 KB
/
Copy pathhtmlStringEncoder.js
File metadata and controls
73 lines (64 loc) · 2.18 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
/*
Copyright 2008 Security Compass
This file is part of SQL Inject Me.
SQL Inject Me is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
SQL Inject Me is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with SQL Inject Me. If not, see <http://www.gnu.org/licenses/>.
If you have any questions regarding SQL Inject Me please contact
tools@securitycompass.com
*/
/**
* HTMLStringEncoder is used to encode strings so that they don't cause
* problems in HTML.
* This object is prefered over the using encodeString() directly as it
* provides a cache so the expensive (O(n)) action of generating encoded
* strings has to only be done once.
* This cache does not check itself to make sure it doesn't grow too big. That's
* up to its user.
* @requires util.js this is a wrapper around the util encodeString function
*/
function HTMLStringEncoder(){
/**
* the cache, a hash. All keys should be prefixed with
* HTMLStringEncoder.prefix
*/
this.cache = new Object();
}
HTMLStringEncoder.prototype = {
/**
* prefix is used to prefix all cache keys
*/
prefix: "html_"
,
/**
* returns an encoded version of str. Checks cache first.
* @returns an encoded version of str
*/
encodeString: function(str) {
var rv = this.cache[this.prefix + str];
if (rv === undefined ){
rv = this.cache[this.prefix + str] = encodeString(str);
}
return rv;
}
,
/**
* clears the cache
*/
clear: function(){
this.cache = new Object();
}
}
function getHTMLStringEncoder() {
if (typeof(__security_compass_html_string_encoder__) === 'undefined') {
__security_compass_html_string_encoder__ = new HTMLStringEncoder;
}
return __security_compass_html_string_encoder__;
}