@web-atoms/core
Version:
214 lines (174 loc) • 12.6 kB
text/typescript
// tslint:disable
export default function(type) {
return {
// When encoding do we convert characters into html or numerical entities
EncodeType : type || "entity", // entity OR numerical
isEmpty : function(val) {
if (val) {
return ((val === null) || val.length == 0 || /^\s+$/.test(val));
} else {
return true;
}
},
arr1: new Array(' ', '¡', '¢', '£', '¤', '¥', '¦', '§', '¨', '©', 'ª', '«', '¬', '­', '®', '¯', '°', '±', '²', '³', '´', 'µ', '¶', '·', '¸', '¹', 'º', '»', '¼', '½', '¾', '¿', 'À', 'Á', 'Â', 'Ã', 'Ä', 'Å', '&Aelig;', 'Ç', 'È', 'É', 'Ê', 'Ë', 'Ì', 'Í', 'Î', 'Ï', 'Ð', 'Ñ', 'Ò', 'Ó', 'Ô', 'Õ', 'Ö', '×', 'Ø', 'Ù', 'Ú', 'Û', 'Ü', 'Ý', 'Þ', 'ß', 'à', 'á', 'â', 'ã', 'ä', 'å', 'æ', 'ç', 'è', 'é', 'ê', 'ë', 'ì', 'í', 'î', 'ï', 'ð', 'ñ', 'ò', 'ó', 'ô', 'õ', 'ö', '÷', 'Ø', 'ù', 'ú', 'û', 'ü', 'ý', 'þ', 'ÿ', '"', '&', '<', '>', 'œ', 'œ', 'š', 'š', 'ÿ', 'ˆ', '˜', ' ', ' ', ' ', '‌', '‍', '‎', '‏', '–', '—', '‘', '’', '‚', '“', '”', '„', '†', '†', '‰', '‹', '›', '€', 'ƒ', 'α', 'β', 'γ', 'δ', 'ε', 'ζ', 'η', 'θ', 'ι', 'κ', 'λ', 'μ', 'ν', 'ξ', 'ο', 'π', 'ρ', 'σ', 'τ', 'υ', 'φ', 'χ', 'ψ', 'ω', 'α', 'β', 'γ', 'δ', 'ε', 'ζ', 'η', 'θ', 'ι', 'κ', 'λ', 'μ', 'ν', 'ξ', 'ο', 'π', 'ρ', 'ς', 'σ', 'τ', 'υ', 'φ', 'χ', 'ψ', 'ω', 'ϑ', 'ϒ', 'ϖ', '•', '…', '′', '′', '‾', '⁄', '℘', 'ℑ', 'ℜ', '™', 'ℵ', '←', '↑', '→', '↓', '↔', '↵', '←', '↑', '→', '↓', '↔', '∀', '∂', '∃', '∅', '∇', '∈', '∉', '∋', '∏', '∑', '−', '∗', '√', '∝', '∞', '∠', '∧', '∨', '∩', '∪', '∫', '∴', '∼', '≅', '≈', '≠', '≡', '≤', '≥', '⊂', '⊃', '⊄', '⊆', '⊇', '⊕', '⊗', '⊥', '⋅', '⌈', '⌉', '⌊', '⌋', '⟨', '⟩', '◊', '♠', '♣', '♥', '♦'),
arr2: new Array(' ', '¡', '¢', '£', '¤', '¥', '¦', '§', '¨', '©', 'ª', '«', '¬', '­', '®', '¯', '°', '±', '²', '³', '´', 'µ', '¶', '·', '¸', '¹', 'º', '»', '¼', '½', '¾', '¿', 'À', 'Á', 'Â', 'Ã', 'Ä', 'Å', 'Æ', 'Ç', 'È', 'É', 'Ê', 'Ë', 'Ì', 'Í', 'Î', 'Ï', 'Ð', 'Ñ', 'Ò', 'Ó', 'Ô', 'Õ', 'Ö', '×', 'Ø', 'Ù', 'Ú', 'Û', 'Ü', 'Ý', 'Þ', 'ß', 'à', 'á', 'â', 'ã', 'ä', 'å', 'æ', 'ç', 'è', 'é', 'ê', 'ë', 'ì', 'í', 'î', 'ï', 'ð', 'ñ', 'ò', 'ó', 'ô', 'õ', 'ö', '÷', 'ø', 'ù', 'ú', 'û', 'ü', 'ý', 'þ', 'ÿ', '"', '&', '<', '>', 'Œ', 'œ', 'Š', 'š', 'Ÿ', 'ˆ', '˜', ' ', ' ', ' ', '‌', '‍', '‎', '‏', '–', '—', '‘', '’', '‚', '“', '”', '„', '†', '‡', '‰', '‹', '›', '€', 'ƒ', 'Α', 'Β', 'Γ', 'Δ', 'Ε', 'Ζ', 'Η', 'Θ', 'Ι', 'Κ', 'Λ', 'Μ', 'Ν', 'Ξ', 'Ο', 'Π', 'Ρ', 'Σ', 'Τ', 'Υ', 'Φ', 'Χ', 'Ψ', 'Ω', 'α', 'β', 'γ', 'δ', 'ε', 'ζ', 'η', 'θ', 'ι', 'κ', 'λ', 'μ', 'ν', 'ξ', 'ο', 'π', 'ρ', 'ς', 'σ', 'τ', 'υ', 'φ', 'χ', 'ψ', 'ω', 'ϑ', 'ϒ', 'ϖ', '•', '…', '′', '″', '‾', '⁄', '℘', 'ℑ', 'ℜ', '™', 'ℵ', '←', '↑', '→', '↓', '↔', '↵', '⇐', '⇑', '⇒', '⇓', '⇔', '∀', '∂', '∃', '∅', '∇', '∈', '∉', '∋', '∏', '∑', '−', '∗', '√', '∝', '∞', '∠', '∧', '∨', '∩', '∪', '∫', '∴', '∼', '≅', '≈', '≠', '≡', '≤', '≥', '⊂', '⊃', '⊄', '⊆', '⊇', '⊕', '⊗', '⊥', '⋅', '⌈', '⌉', '⌊', '⌋', '〈', '〉', '◊', '♠', '♣', '♥', '♦'),
// Convert HTML entities into numerical entities
HTML2Numerical : function(s) {
return this.swapArrayVals(s, this.arr1, this.arr2);
},
// Convert Numerical entities into HTML entities
NumericalToHTML : function(s) {
return this.swapArrayVals(s, this.arr2, this.arr1);
},
// Numerically encodes all unicode characters
numEncode : function(s) {
if (this.isEmpty(s)) return s;
var e = "";
for (var i = 0; i < s.length; i++) {
var c = s.charAt(i);
if (c < " " || c > "~") {
c = "&#" + c.charCodeAt() + ";";
}
e += c;
}
return e;
},
// HTML Decode numerical and HTML entities back to original values
htmlDecode : function(s) {
var arr,c,m,d = s;
if (this.isEmpty(d)) return d;
// convert HTML entites back to numerical entites first
d = this.HTML2Numerical(d);
// look for numerical entities "
arr = d.match(/&#[0-9]{1,5};/g);
// if no matches found in string then skip
if (arr != null) {
for (var x = 0; x < arr.length; x++) {
m = arr[x];
c = m.substring(2, m.length - 1); //get numeric part which is refernce to unicode character
// if its a valid number we can decode
if (c >= -32768 && c <= 65535) {
// decode every single match within string
d = d.replace(m, String.fromCharCode(c));
} else {
d = d.replace(m, ""); //invalid so replace with nada
}
}
}
return d;
},
// encode an input string into either numerical or HTML entities
htmlEncode : function(s, dbl) {
if(s.url) {
s = s.url;
}
if (this.isEmpty(s)) return s;
// do we allow double encoding? E.g will & be turned into &amp;
dbl = dbl || false; //default to prevent double encoding
// if allowing double encoding we do ampersands first
if (dbl) {
if (this.EncodeType == "numerical") {
s = s.replace(/&/g, "&");
} else {
s = s.replace(/&/g, "&");
}
}
// convert the xss chars to numerical entities ' " < >
s = this.XSSEncode(s, false);
if (this.EncodeType == "numerical" || !dbl) {
// Now call function that will convert any HTML entities to numerical codes
s = this.HTML2Numerical(s);
}
// Now encode all chars above 127 e.g unicode
s = this.numEncode(s);
// now we know anything that needs to be encoded has been converted to numerical entities we
// can encode any ampersands & that are not part of encoded entities
// to handle the fact that I need to do a negative check and handle multiple ampersands &&&
// I am going to use a placeholder
// if we don't want double encoded entities we ignore the & in existing entities
if (!dbl) {
s = s.replace(/&#/g, "##AMPHASH##");
if (this.EncodeType == "numerical") {
s = s.replace(/&/g, "&");
} else {
s = s.replace(/&/g, "&");
}
s = s.replace(/##AMPHASH##/g, "&#");
}
// replace any malformed entities
s = s.replace(/&#\d*([^\d;]|$)/g, "$1");
if (!dbl) {
// safety check to correct any double encoded &
s = this.correctEncoding(s);
}
// now do we need to convert our numerical encoded string into entities
if (this.EncodeType == "entity") {
s = this.NumericalToHTML(s);
}
return s;
},
// Encodes the basic 4 characters used to malform HTML in XSS hacks
XSSEncode : function(s, en) {
if (!this.isEmpty(s)) {
en = en || true;
// do we convert to numerical or html entity?
if (en) {
s = s.replace(/\'/g, "'"); //no HTML equivalent as &apos is not cross browser supported
s = s.replace(/\"/g, """);
s = s.replace(/</g, "<");
s = s.replace(/>/g, ">");
} else {
s = s.replace(/\'/g, "'"); //no HTML equivalent as &apos is not cross browser supported
s = s.replace(/\"/g, """);
s = s.replace(/</g, "<");
s = s.replace(/>/g, ">");
}
return s;
} else {
return s;
}
},
// returns true if a string contains html or numerical encoded entities
hasEncoded : function(s) {
if (/&#[0-9]{1,5};/g.test(s)) {
return true;
} else if (/&[A-Z]{2,6};/gi.test(s)) {
return true;
} else {
return false;
}
},
// will remove any unicode characters
stripUnicode : function(s) {
return s.replace(/[^\x20-\x7E]/g, "");
},
// corrects any double encoded & entities e.g &amp;
correctEncoding : function(s) {
return s.replace(/(&)(amp;)+/, "$1");
},
// Function to loop through an array swaping each item with the value from another array e.g swap HTML entities with Numericals
swapArrayVals : function(s, arr1, arr2) {
if (this.isEmpty(s)) return s;
var re;
if (arr1 && arr2) {
//ShowDebug("in swapArrayVals arr1.length = " + arr1.length + " arr2.length = " + arr2.length)
// array lengths must match
if (arr1.length == arr2.length) {
for (var x = 0,i = arr1.length; x < i; x++) {
re = new RegExp(arr1[x], 'g');
s = s.replace(re, arr2[x]); //swap arr1 item with matching item from arr2
}
}
}
return s;
},
inArray : function(item, arr) {
for (var i = 0, x = arr.length; i < x; i++) {
if (arr[i] === item) {
return i;
}
}
return -1;
}
}
}