UNPKG

htmlyer

Version:

htmlyer

github.com/iGdea/htmlyer/tree/master/packages/htmlyer

iGdea/htmlyer

103 lines (102 loc) 7.38 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.input2html = exports.jsonStringify = exports.urlEncode = exports.jsEncode = exports.htmlEncode = void 0; var spCharCodes = "[\\u0000-\\u001F]|\\u00F1|\\u000B|\\u000C|\\u00A0|\\uFEFF|\\u1680|\\u180E|[\\u2000-\\u200F]|\\u2028|\\u2029|\\u202F|\\u205F|\\u3000"; function getStrValue(str) { if (str === null || str === undefined || typeof str == 'function') { str = ''; } else { str += ''; } return str; } var HtmlEscapeMap = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;', '`': '&#x60;', '\\': '&#92;' }; function escapeMap2RegExpStr(escapeMap) { return Object.keys(escapeMap).map(function (v) { return { '\\': '\\\\', '\n': '\\n', '\r': '\\r' }[v] || v; }).join('|'); } exports.htmlEncode = function () { var escapeMap = Object.assign({}, HtmlEscapeMap); var reg = new RegExp(escapeMap2RegExpStr(escapeMap), 'g'); function rp(all) { return escapeMap[all] || ''; } return function (str) { str = getStrValue(str); if (!str) return str; return str.replace(reg, rp); }; }(); exports.jsEncode = function () { // 可以再添加一个\/ 主要是防止// 或则/**/这些组合注释 (有一个地方没有encode,可能会导致一片代码被波及) var escapeMap = { '\n': '\\n', '\r': '\\r', '\\': '\\\\', '/': '\\/', '"': '\\"', "'": "\\'", '>': '\\>', // 增加> | < 防止在script标签中,中xss '<': "\\u003c", '`': '\\`' }; var reg = new RegExp(escapeMap2RegExpStr(escapeMap) + '|' + spCharCodes, 'g'); function rp(str) { return escapeMap[str] || "\\u" + str.charCodeAt(0).toString(16).padStart(4, '0'); } return function (str) { str = getStrValue(str); if (!str) return str; return str.replace(reg, rp); }; }(); function urlEncode(str) { str = getStrValue(str); if (!str) return str; return encodeURIComponent(str); } exports.urlEncode = urlEncode; exports.jsonStringify = function () { var scriptTagReg = /</g; return function (data, replacer, space) { var result = JSON.stringify(data, replacer, space); if (!result) return ''; // 防</script> xss // 由于stringify本身就会对里面的数据进行一些encode // 而且都是jsEncode类型,所以不担心htmlEncode分支 return result.replace(scriptTagReg, "\\u003c"); }; }(); exports.input2html = function () { var escapeMap = Object.assign(Object.assign({}, HtmlEscapeMap), { ' ': '&nbsp;', '\n': '<br/>', '\r': '' }); var reg = new RegExp(escapeMap2RegExpStr(escapeMap) + '|' + spCharCodes, 'g'); function rp(all) { return escapeMap[all] || '&#' + all.charCodeAt(0) + ';'; } return function (str) { str = getStrValue(str); if (!str) return str; return str.replace(reg, rp); }; }(); //# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJuYW1lcyI6WyJzcENoYXJDb2RlcyIsImdldFN0clZhbHVlIiwic3RyIiwidW5kZWZpbmVkIiwiSHRtbEVzY2FwZU1hcCIsImVzY2FwZU1hcDJSZWdFeHBTdHIiLCJlc2NhcGVNYXAiLCJPYmplY3QiLCJrZXlzIiwibWFwIiwidiIsImpvaW4iLCJleHBvcnRzIiwiaHRtbEVuY29kZSIsImFzc2lnbiIsInJlZyIsIlJlZ0V4cCIsInJwIiwiYWxsIiwicmVwbGFjZSIsImpzRW5jb2RlIiwiY2hhckNvZGVBdCIsInRvU3RyaW5nIiwicGFkU3RhcnQiLCJ1cmxFbmNvZGUiLCJlbmNvZGVVUklDb21wb25lbnQiLCJqc29uU3RyaW5naWZ5Iiwic2NyaXB0VGFnUmVnIiwiZGF0YSIsInJlcGxhY2VyIiwic3BhY2UiLCJyZXN1bHQiLCJKU09OIiwic3RyaW5naWZ5IiwiaW5wdXQyaHRtbCJdLCJzb3VyY2VzIjpbIi4uL3NyYy9pbmRleC50cyJdLCJzb3VyY2VzQ29udGVudCI6W251bGxdLCJtYXBwaW5ncyI6Ijs7Ozs7O0FBQUEsSUFBTUEsV0FBVyxHQUFHLHFJQUFxSTtBQUd6SixTQUFTQyxXQUFXQSxDQUFDQyxHQUFRO0VBQzNCLElBQUlBLEdBQUcsS0FBSyxJQUFJLElBQUlBLEdBQUcsS0FBS0MsU0FBUyxJQUFJLE9BQU9ELEdBQUcsSUFBSSxVQUFVLEVBQUU7SUFDakVBLEdBQUcsR0FBRyxFQUFFO0VBQ1YsQ0FBQyxNQUFNO0lBQ0xBLEdBQUcsSUFBSSxFQUFFO0VBQ1g7RUFFQSxPQUFPQSxHQUFHO0FBQ1o7QUFNQSxJQUFNRSxhQUFhLEdBQWM7RUFDL0IsR0FBRyxFQUFFLE9BQU87RUFDWixHQUFHLEVBQUUsTUFBTTtFQUNYLEdBQUcsRUFBRSxNQUFNO0VBQ1gsR0FBRyxFQUFFLFFBQVE7RUFDYixHQUFHLEVBQUUsUUFBUTtFQUNiLEdBQUcsRUFBRSxRQUFRO0VBQ2IsSUFBSSxFQUFFO0NBQ1A7QUFHRCxTQUFTQyxtQkFBbUJBLENBQUNDLFNBQW9CO0VBQy9DLE9BQU9DLE1BQU0sQ0FBQ0MsSUFBSSxDQUFDRixTQUFTLENBQUMsQ0FDMUJHLEdBQUcsQ0FBQyxVQUFBQyxDQUFDO0lBQUEsT0FBSztNQUNULElBQUksRUFBRSxNQUFNO01BQ1osSUFBSSxFQUFFLEtBQUs7TUFDWCxJQUFJLEVBQUU7S0FDUCxDQUFDQSxDQUFDLENBQUMsSUFBSUEsQ0FBQztFQUFBLENBQUMsQ0FBQyxDQUNWQyxJQUFJLENBQUMsR0FBRyxDQUFDO0FBQ2Q7QUFFYUMsT0FBQSxDQUFBQyxVQUFVLEdBQUk7RUFDekIsSUFBTVAsU0FBUyxHQUFBQyxNQUFBLENBQUFPLE1BQUEsS0FDVlYsYUFBYSxDQUNqQjtFQUVELElBQU1XLEdBQUcsR0FBRyxJQUFJQyxNQUFNLENBQUNYLG1CQUFtQixDQUFDQyxTQUFTLENBQUMsRUFBRSxHQUFHLENBQUM7RUFFM0QsU0FBU1csRUFBRUEsQ0FBQ0MsR0FBVztJQUNyQixPQUFPWixTQUFTLENBQUNZLEdBQUcsQ0FBQyxJQUFJLEVBQUU7RUFDN0I7RUFFQSxPQUFPLFVBQVNoQixHQUFRO0lBQ3RCQSxHQUFHLEdBQUdELFdBQVcsQ0FBQ0MsR0FBRyxDQUFDO0lBQ3RCLElBQUksQ0FBQ0EsR0FBRyxFQUFFLE9BQU9BLEdBQUc7SUFFcEIsT0FBT0EsR0FBRyxDQUFDaUIsT0FBTyxDQUFDSixHQUFHLEVBQUVFLEVBQUUsQ0FBQztFQUM3QixDQUFDO0FBQ0gsQ0FBQyxDQUFDLENBQUU7QUFHU0wsT0FBQSxDQUFBUSxRQUFRLEdBQUk7RUFDdkI7RUFDQSxJQUFNZCxTQUFTLEdBQWM7SUFDM0IsSUFBSSxFQUFFLEtBQUs7SUFDWCxJQUFJLEVBQUUsS0FBSztJQUNYLElBQUksRUFBRSxNQUFNO0lBRVosR0FBRyxFQUFFLEtBQUs7SUFDVixHQUFHLEVBQUUsS0FBSztJQUNWLEdBQUcsRUFBRSxLQUFLO0lBQ1YsR0FBRyxFQUFFLEtBQUs7SUFDVjtJQUNBLEdBQUcsRUFBRSxTQUFTO0lBRWQsR0FBRyxFQUFFO0dBQ047RUFFRCxJQUFNUyxHQUFHLEdBQUcsSUFBSUMsTUFBTSxDQUFDWCxtQkFBbUIsQ0FBQ0MsU0FBUyxDQUFDLEdBQUcsR0FBRyxHQUFHTixXQUFXLEVBQUUsR0FBRyxDQUFDO0VBRS9FLFNBQVNpQixFQUFFQSxDQUFDZixHQUFXO0lBQ3JCLE9BQU9JLFNBQVMsQ0FBQ0osR0FBRyxDQUFDLElBQUksS0FBSyxHQUFHQSxHQUFHLENBQUNtQixVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUNDLFFBQVEsQ0FBQyxFQUFFLENBQUMsQ0FBQ0MsUUFBUSxDQUFDLENBQUMsRUFBRSxHQUFHLENBQUM7RUFDbEY7RUFFQSxPQUFPLFVBQVNyQixHQUFRO0lBQ3RCQSxHQUFHLEdBQUdELFdBQVcsQ0FBQ0MsR0FBRyxDQUFDO0lBQ3RCLElBQUksQ0FBQ0EsR0FBRyxFQUFFLE9BQU9BLEdBQUc7SUFFcEIsT0FBT0EsR0FBRyxDQUFDaUIsT0FBTyxDQUFDSixHQUFHLEVBQUVFLEVBQUUsQ0FBQztFQUM3QixDQUFDO0FBQ0gsQ0FBQyxDQUFDLENBQUU7QUFFSixTQUFnQk8sU0FBU0EsQ0FBQ3RCLEdBQVE7RUFDaENBLEdBQUcsR0FBR0QsV0FBVyxDQUFDQyxHQUFHLENBQUM7RUFDdEIsSUFBSSxDQUFDQSxHQUFHLEVBQUUsT0FBT0EsR0FBRztFQUVwQixPQUFPdUIsa0JBQWtCLENBQUN2QixHQUFHLENBQUM7QUFDaEM7QUFMQVUsT0FBQSxDQUFBWSxTQUFBLEdBQUFBLFNBQUE7QUFRYVosT0FBQSxDQUFBYyxhQUFhLEdBQUk7RUFDNUIsSUFBTUMsWUFBWSxHQUFHLElBQUk7RUFFekIsT0FBTyxVQUFTQyxJQUFTLEVBQUVDLFFBQWMsRUFBRUMsS0FBYztJQUN2RCxJQUFNQyxNQUFNLEdBQUdDLElBQUksQ0FBQ0MsU0FBUyxDQUFDTCxJQUFJLEVBQUVDLFFBQVEsRUFBRUMsS0FBSyxDQUFDO0lBQ3BELElBQUksQ0FBQ0MsTUFBTSxFQUFFLE9BQU8sRUFBRTtJQUV0QjtJQUNBO0lBQ0E7SUFDQSxPQUFPQSxNQUFNLENBQUNaLE9BQU8sQ0FBQ1EsWUFBWSxFQUFFLFNBQVMsQ0FBQztFQUNoRCxDQUFDO0FBQ0gsQ0FBQyxDQUFDLENBQUU7QUFHU2YsT0FBQSxDQUFBc0IsVUFBVSxHQUFJO0VBQ3pCLElBQU01QixTQUFTLEdBQUFDLE1BQUEsQ0FBQU8sTUFBQSxDQUFBUCxNQUFBLENBQUFPLE1BQUEsS0FDVlYsYUFBYTtJQUVoQixHQUFHLEVBQUUsUUFBUTtJQUNiLElBQUksRUFBRSxPQUFPO0lBQ2IsSUFBSSxFQUFFO0VBQUUsRUFDVDtFQUVELElBQU1XLEdBQUcsR0FBRyxJQUFJQyxNQUFNLENBQUNYLG1CQUFtQixDQUFDQyxTQUFTLENBQUMsR0FBRyxHQUFHLEdBQUdOLFdBQVcsRUFBRSxHQUFHLENBQUM7RUFFL0UsU0FBU2lCLEVBQUVBLENBQUNDLEdBQVc7SUFDckIsT0FBT1osU0FBUyxDQUFDWSxHQUFHLENBQUMsSUFBSSxJQUFJLEdBQUdBLEdBQUcsQ0FBQ0csVUFBVSxDQUFDLENBQUMsQ0FBQyxHQUFHLEdBQUc7RUFDekQ7RUFFQSxPQUFPLFVBQVNuQixHQUFRO0lBQ3RCQSxHQUFHLEdBQUdELFdBQVcsQ0FBQ0MsR0FBRyxDQUFDO0lBQ3RCLElBQUksQ0FBQ0EsR0FBRyxFQUFFLE9BQU9BLEdBQUc7SUFFcEIsT0FBT0EsR0FBRyxDQUFDaUIsT0FBTyxDQUFDSixHQUFHLEVBQUVFLEVBQUUsQ0FBQztFQUM3QixDQUFDO0FBQ0gsQ0FBQyxDQUFDLENBQUUiLCJpZ25vcmVMaXN0IjpbXX0=