org.zkoss.html

Class HTMLs

java.lang.Object

org.zkoss.html.HTMLs

public class HTMLs
extends Object

Utilities for HTML attributes and styles.

Since:

6.0.0

Author:

tomyeh

Constructor Summary

Constructors

Constructor and Description
HTMLs()

Method Summary

Modifier and Type	Method and Description
static void	appendAttribute(StringBuffer sb, String name, boolean val) Appends an attribute to the string buffer for HTML/XML (name="val").
static void	appendAttribute(StringBuffer sb, String name, double val) Appends an attribute with a long value to the string buffer for HTML/XML (name="val").
static void	appendAttribute(StringBuffer sb, String name, int val) Appends an attribute with a int value to the string buffer for HTML/XML (name="val").
static void	appendAttribute(StringBuffer sb, String name, long val) Appends an attribute with a long value to the string buffer for HTML/XML (name="val").
static void	appendAttribute(StringBuffer sb, String name, short val) Appends an attribute with a short value to the string buffer for HTML/XML (name="val").
static void	appendAttribute(StringBuffer sb, String name, String val) Appends an attribute to the string buffer for HTML/XML (name="val").
static void	appendAttribute(StringBuffer sb, String name, String val, boolean emptyIgnored) Appends an attribute to the string buffer for HTML/XML (name="val").
static void	appendStyle(StringBuffer sb, String name, String val) Appends a style value to the string buffer for HTML/XML (name:"val";).
static String	encodeCharacter(char[] immune, Character c) Encodes the JavaScript content for XSS vulnerabilities, the implementation is referred from owasp-esapi-java
static String	encodeJavaScript(String input) Encodes the JavaScript content for XSS vulnerabilities, the implementation is referred from owasp-esapi-java
static int	getSubstyleIndex(String style, String substyle) Returns the position of the specified substyle, or -1 if not found.
static String	getSubstyleValue(String style, int j) Returns the value starting at the specified index (never null).
static String	getTextRelevantStyle(String style) Retrieves text relevant CSS styles.
static boolean	isOrphanTag(String tagname) Returns whether the specified tag is an 'orphan' tag.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

HTMLs

public HTMLs()

Method Detail

appendAttribute

public static final void appendAttribute(StringBuffer sb,
                                         String name,
                                         String val)

Appends an attribute to the string buffer for HTML/XML (name="val"). If val is null or empty (if String), nothing is generated.

Note: XMLs.encodeAttribute(java.lang.String) is called automatically to encode val.

appendAttribute

public static final void appendAttribute(StringBuffer sb,
                                         String name,
                                         String val,
                                         boolean emptyIgnored)

Appends an attribute to the string buffer for HTML/XML (name="val"). If emptyIgnored is true and val is null or empty (if String), nothing is generated.

Note: XMLs.encodeAttribute(java.lang.String) is called automatically to encode val.

Parameters:

emptyIgnored - whether to ignore a null or empty string. If false, it is always generated (null is generated as "null").

appendAttribute

public static final void appendAttribute(StringBuffer sb,
                                         String name,
                                         int val)

Appends an attribute with a int value to the string buffer for HTML/XML (name="val").

appendAttribute

public static final void appendAttribute(StringBuffer sb,
                                         String name,
                                         long val)

Appends an attribute with a long value to the string buffer for HTML/XML (name="val").

appendAttribute

public static final void appendAttribute(StringBuffer sb,
                                         String name,
                                         double val)

Appends an attribute with a long value to the string buffer for HTML/XML (name="val").

appendAttribute

public static final void appendAttribute(StringBuffer sb,
                                         String name,
                                         short val)

Appends an attribute with a short value to the string buffer for HTML/XML (name="val").

appendAttribute

public static final void appendAttribute(StringBuffer sb,
                                         String name,
                                         boolean val)

Appends an attribute to the string buffer for HTML/XML (name="val").

appendStyle

public static final void appendStyle(StringBuffer sb,
                                     String name,
                                     String val)

Appends a style value to the string buffer for HTML/XML (name:"val";). If val is null or empty (if String), nothing is generated.

getSubstyleIndex

public static final int getSubstyleIndex(String style,
                                         String substyle)

Returns the position of the specified substyle, or -1 if not found.

Parameters:

style - the style

substyle - the sub-style, e.g., display.

Throws:

IllegalArgumentException - if style is null, or substyle is null or empty.

getSubstyleValue

public static final String getSubstyleValue(String style,
                                            int j)

Returns the value starting at the specified index (never null).

Note: the index is usually the returned vale of getSubstyleIndex(java.lang.String, java.lang.String).

Parameters:

style - the style

j - the index that the substyle starts at (including the style's name)

getTextRelevantStyle

public static final String getTextRelevantStyle(String style)

Retrieves text relevant CSS styles.

For example, if style is "border: 1px solid blue; font-size: 10px; padding: 3px; color: black;", then "font-size: 10px;color: black;" is returned.

Returns:

null if style is null. Otherwise, it never returns null.

isOrphanTag

public static final boolean isOrphanTag(String tagname)

Returns whether the specified tag is an 'orphan' tag. By orphan we mean it doesn't support the format of <xx> </xx>.

For example, br and img are orphan tags.

Parameters:

tagname - the tag name, e.g., br and tr.

encodeJavaScript

public static String encodeJavaScript(String input)

Encodes the JavaScript content for XSS vulnerabilities, the implementation is referred from owasp-esapi-java

Returns backslash encoded numeric format. Does not use backslash character escapes such as, \" or \' as these may cause parsing problems. For example, if a javascript attribute, such as onmouseover, contains a \" that will close the entire attribute and allow an attacker to inject another script attribute.

Since:

7.0.2

encodeCharacter

public static String encodeCharacter(char[] immune,
                                     Character c)

Encodes the JavaScript content for XSS vulnerabilities, the implementation is referred from owasp-esapi-java

Returns backslash encoded numeric format. Does not use backslash character escapes such as, \" or \' as these may cause parsing problems. For example, if a javascript attribute, such as onmouseover, contains a \" that will close the entire attribute and allow an attacker to inject another script attribute.

Since:

7.0.2