escape in ABAP and JavaScript
Time: 2023-09-14 09:02:48
ABAP
IF_HTTP_UTILITY~ESCAPE_URL
JavaScript
An open-source sanitizer library, made by Google.
https://www.npmjs.com/package/sanitizer
    sanitizer.escape('your dirty string');
Used in C4C:
Using this JS library from Java:
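    import java.io.BufferedReader;
    import java.io.IOException;
    import java.io.InputStream;
    import java.io.InputStreamReader;
    import java.nio.charset.StandardCharsets;

    import javax.script.Bindings;
    import javax.script.ScriptContext;
    import javax.script.ScriptEngine;
    import javax.script.ScriptEngineManager;
    import javax.script.ScriptException;

    public class CajaSanitiser {

        private final ScriptEngine engine;
        private final Bindings bindings;

        public CajaSanitiser() throws IOException, ScriptException {
            // Needs a JSR-223 JavaScript engine at runtime (e.g. Nashorn, bundled
            // with JDK 8 to 14); getEngineByName returns null when none is present.
            this.engine = new ScriptEngineManager().getEngineByName("js");
            if (this.engine == null) {
                throw new IllegalStateException("No JavaScript script engine available");
            }
            this.bindings = engine.getBindings(ScriptContext.ENGINE_SCOPE);
            // Load the minified Caja HTML/CSS sanitizer from the classpath.
            String scriptName = "com/google/caja/plugin/html-css-sanitizer-minified.js";
            try (BufferedReader reader = getReader(scriptName)) {
                engine.eval(reader);
            }
            // Pass-through policy function used for the URL and name/id/class callbacks.
            String identity = "function identity(value) {return value;}";
            engine.eval(identity);
        }

        private BufferedReader getReader(String name) throws IOException {
            InputStream in = getClass().getClassLoader().getResourceAsStream(name);
            if (in == null) {
                throw new IOException("Resource not found on classpath: " + name);
            }
            return new BufferedReader(new InputStreamReader(in, StandardCharsets.UTF_8));
        }

        public String sanitise(String htmlSource) throws ScriptException {
            // Hand the HTML over as a bound variable instead of splicing it into the script text.
            bindings.put("src", htmlSource);
            // You can use other functions beside 'identity' if you
            // want to transform the html.
            // See https://code.google.com/p/google-caja/wiki/JsHtmlSanitizer
            return (String) engine.eval("html_sanitize(src, identity, identity)");
        }

        public static void main(String[] args) throws Exception {
            CajaSanitiser sanitiser = new CajaSanitiser();
            String source = "<html>\n" +
                    "<head>\n" +
                    "<style>\n" +
                    "h1 {color:blue;}\n" +
                    "</style>\n" +
                    "</head>\n" +
                    "<body>\n" +
                    "<h1>A heading</h1>\n" +
                    "</body>\n" +
                    "</html>";
            System.out.println("Original HTML with CSS:");
            System.out.println(source);
            System.out.println();
            System.out.println("Sanitised HTML:");
            System.out.println(sanitiser.sanitise(source));
        }
    }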
Maven dependency:
    <dependencies>
        <dependency>
            <groupId>caja</groupId>
            <artifactId>caja</artifactId>
            <version>r5127</version>
        </dependency>
    </dependencies>
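The calls listed above escape for different output contexts: IF_HTTP_UTILITY~ESCAPE_URL percent-encodes for URLs, while sanitizer.escape HTML-escapes. The following added example (not from the original post; it uses no library and the helper names are hypothetical) applies both layers, in order, when building a link from untrusted input.

```javascript
// Added example, not code from the original post. All helper names are hypothetical.

// HTML-escape a value for element text or a double-quoted attribute value.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Percent-encode one URL component (a query value or path segment).
// encodeURIComponent leaves ! ' ( ) * untouched, so those are encoded as well.
function escapeUrlComponent(value) {
  return encodeURIComponent(String(value)).replace(
    /[!'()*]/g,
    (ch) => '%' + ch.charCodeAt(0).toString(16).toUpperCase()
  );
}

// Build a link from untrusted input. Order matters:
// 1. URL-escape the untrusted query value so it cannot add parameters,
// 2. HTML-escape the finished URL so it cannot break out of the attribute,
// 3. HTML-escape the visible label separately (text context).
function buildSearchLink(basePath, query, label) {
  const url = basePath + '?q=' + escapeUrlComponent(query) + '&lang=en';
  return '<a href="' + escapeHtml(url) + '">' + escapeHtml(label) + '</a>';
}

// Constructed sample input containing URL and HTML metacharacters.
const dirty = 'R&D "team" <x>';
console.log(escapeUrlComponent(dirty)); // URL context
console.log(escapeHtml(dirty));         // HTML context
console.log(buildSearchLink('/search', dirty, dirty));
```

Escaping only makes a string inert in one context; when the input is meant to keep some markup, as in the Caja example above, it needs a sanitizer such as html_sanitize rather than an escape function.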