src/vendor/pulldown-cmark-0.0.15/src/escape.rs

   1 // Copyright 2015 Google Inc. All rights reserved.
   2 //
   3 // Permission is hereby granted, free of charge, to any person obtaining a copy
   4 // of this software and associated documentation files (the "Software"), to deal
   5 // in the Software without restriction, including without limitation the rights
   6 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
   7 // copies of the Software, and to permit persons to whom the Software is
   8 // furnished to do so, subject to the following conditions:
   9 //
  10 // The above copyright notice and this permission notice shall be included in
  11 // all copies or substantial portions of the Software.
  12 //
  13 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  14 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  15 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
  16 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  17 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  18 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  19 // THE SOFTWARE.
  20
  21 //! Utility functions for HTML escaping
  22
  23 use std::str::from_utf8;
  24
  25 static HREF_SAFE: [u8; 128] = [
  26         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  27         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  28         0, 1, 0, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1,
  29         1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1,
  30         1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  31         1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1,
  32         0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  33         1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0,
  34     ];
  35
  36 static HEX_CHARS: &'static [u8] = b"0123456789ABCDEF";
  37
  38 pub fn escape_href(ob: &mut String, s: &str) {
  39     let mut mark = 0;
  40     for i in 0..s.len() {
  41         let c = s.as_bytes()[i];
  42         if c >= 0x80 || HREF_SAFE[c as usize] == 0 {
  43             // character needing escape
  44
  45             // write partial substring up to mark
  46             if mark < i {
  47                 ob.push_str(&s[mark..i]);
  48             }
  49             match c {
  50                 b'&' => {
  51                     ob.push_str("&amp;");
  52                 },
  53                 b'\'' => {
  54                     ob.push_str("&#x27;");
  55                 },
  56                 _ => {
  57                     let mut buf = [0u8; 3];
  58                     buf[0] = b'%';
  59                     buf[1] = HEX_CHARS[((c as usize) >> 4) & 0xF];
  60                     buf[2] = HEX_CHARS[(c as usize) & 0xF];
  61                     ob.push_str(from_utf8(&buf).unwrap());
  62                 }
  63             }
  64             mark = i + 1;  // all escaped characters are ASCII
  65         }
  66     }
  67     ob.push_str(&s[mark..]);
  68 }
  69
  70 static HTML_ESCAPE_TABLE: [u8; 256] = [
  71         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  72         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  73         0, 0, 1, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 3,
  74         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0, 5, 0,
  75         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  76         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  77         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  78         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  79         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  80         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  81         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  82         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  83         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  84         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  85         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  86         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  87     ];
  88
  89 static HTML_ESCAPES: [&'static str; 6] = [
  90         "",
  91         "&quot;",
  92         "&amp;",
  93         "&#47;",
  94         "&lt;",
  95         "&gt;"
  96     ];
  97
  98 pub fn escape_html(ob: &mut String, s: &str, secure: bool) {
  99     let size = s.len();
 100     let bytes = s.as_bytes();
 101     let mut mark = 0;
 102     let mut i = 0;
 103     while i < size {
 104         match bytes[i..].iter().position(|&c| HTML_ESCAPE_TABLE[c as usize] != 0) {
 105             Some(pos) => {
 106                 i += pos;
 107             }
 108             None => break
 109         }
 110         let c = bytes[i];
 111         let escape = HTML_ESCAPE_TABLE[c as usize];
 112         if escape != 0 && (secure || c != b'/') {
 113             ob.push_str(&s[mark..i]);
 114             ob.push_str(HTML_ESCAPES[escape as usize]);
 115             mark = i + 1;  // all escaped characters are ASCII
 116         }
 117         i += 1;
 118     }
 119     ob.push_str(&s[mark..]);
 120 }