selenium-webdriver
The official WebDriver JavaScript bindings from the Selenium project
<!DOCTYPE html><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1, user-scalable=no"><meta http-equiv="Content-Language" content="en"><meta http-equiv="X-UA-Compatible" content="IE=edge"><title>safehtml.js</title><link href="../../../../dossier.css" rel="stylesheet" type="text/css"><header><div><form><div><input type="search" placeholder="Search" tabindex="1"></div></form></div></header><main><article class="srcfile"><h1>lib/goog/html/safehtml.js</h1><div><table><tr><td><a id="l1"></a><a href="#l1">1</a><td>// Copyright 2013 The Closure Library Authors. All Rights Reserved.<tr><td><a id="l2"></a><a href="#l2">2</a><td>//<tr><td><a id="l3"></a><a href="#l3">3</a><td>// Licensed under the Apache License, Version 2.0 (the "License");<tr><td><a id="l4"></a><a href="#l4">4</a><td>// you may not use this file except in compliance with the License.<tr><td><a id="l5"></a><a href="#l5">5</a><td>// You may obtain a copy of the License at<tr><td><a id="l6"></a><a href="#l6">6</a><td>//<tr><td><a id="l7"></a><a href="#l7">7</a><td>// http://www.apache.org/licenses/LICENSE-2.0<tr><td><a id="l8"></a><a href="#l8">8</a><td>//<tr><td><a id="l9"></a><a href="#l9">9</a><td>// Unless required by applicable law or agreed to in writing, software<tr><td><a id="l10"></a><a href="#l10">10</a><td>// distributed under the License is distributed on an "AS-IS" BASIS,<tr><td><a id="l11"></a><a href="#l11">11</a><td>// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.<tr><td><a id="l12"></a><a href="#l12">12</a><td>// See the License for the specific language governing permissions and<tr><td><a id="l13"></a><a href="#l13">13</a><td>// limitations under the License.<tr><td><a id="l14"></a><a href="#l14">14</a><td><tr><td><a id="l15"></a><a href="#l15">15</a><td><tr><td><a id="l16"></a><a href="#l16">16</a><td>/**<tr><td><a id="l17"></a><a href="#l17">17</a><td> * @fileoverview The SafeHtml type and its 
builders.<tr><td><a id="l18"></a><a href="#l18">18</a><td> *<tr><td><a id="l19"></a><a href="#l19">19</a><td> * TODO(xtof): Link to document stating type contract.<tr><td><a id="l20"></a><a href="#l20">20</a><td> */<tr><td><a id="l21"></a><a href="#l21">21</a><td><tr><td><a id="l22"></a><a href="#l22">22</a><td>goog.provide('goog.html.SafeHtml');<tr><td><a id="l23"></a><a href="#l23">23</a><td><tr><td><a id="l24"></a><a href="#l24">24</a><td>goog.require('goog.array');<tr><td><a id="l25"></a><a href="#l25">25</a><td>goog.require('goog.asserts');<tr><td><a id="l26"></a><a href="#l26">26</a><td>goog.require('goog.dom.TagName');<tr><td><a id="l27"></a><a href="#l27">27</a><td>goog.require('goog.dom.tags');<tr><td><a id="l28"></a><a href="#l28">28</a><td>goog.require('goog.html.SafeStyle');<tr><td><a id="l29"></a><a href="#l29">29</a><td>goog.require('goog.html.SafeStyleSheet');<tr><td><a id="l30"></a><a href="#l30">30</a><td>goog.require('goog.html.SafeUrl');<tr><td><a id="l31"></a><a href="#l31">31</a><td>goog.require('goog.html.TrustedResourceUrl');<tr><td><a id="l32"></a><a href="#l32">32</a><td>goog.require('goog.i18n.bidi.Dir');<tr><td><a id="l33"></a><a href="#l33">33</a><td>goog.require('goog.i18n.bidi.DirectionalString');<tr><td><a id="l34"></a><a href="#l34">34</a><td>goog.require('goog.object');<tr><td><a id="l35"></a><a href="#l35">35</a><td>goog.require('goog.string');<tr><td><a id="l36"></a><a href="#l36">36</a><td>goog.require('goog.string.Const');<tr><td><a id="l37"></a><a href="#l37">37</a><td>goog.require('goog.string.TypedString');<tr><td><a id="l38"></a><a href="#l38">38</a><td><tr><td><a id="l39"></a><a href="#l39">39</a><td><tr><td><a id="l40"></a><a href="#l40">40</a><td><tr><td><a id="l41"></a><a href="#l41">41</a><td>/**<tr><td><a id="l42"></a><a href="#l42">42</a><td> * A string that is safe to use in HTML context in DOM APIs and HTML documents.<tr><td><a id="l43"></a><a href="#l43">43</a><td> *<tr><td><a id="l44"></a><a href="#l44">44</a><td> 
* A SafeHtml is a string-like object that carries the security type contract<tr><td><a id="l45"></a><a href="#l45">45</a><td> * that its value as a string will not cause untrusted script execution when<tr><td><a id="l46"></a><a href="#l46">46</a><td> * evaluated as HTML in a browser.<tr><td><a id="l47"></a><a href="#l47">47</a><td> *<tr><td><a id="l48"></a><a href="#l48">48</a><td> * Values of this type are guaranteed to be safe to use in HTML contexts,<tr><td><a id="l49"></a><a href="#l49">49</a><td> * such as, assignment to the innerHTML DOM property, or interpolation into<tr><td><a id="l50"></a><a href="#l50">50</a><td> * a HTML template in HTML PC_DATA context, in the sense that the use will not<tr><td><a id="l51"></a><a href="#l51">51</a><td> * result in a Cross-Site-Scripting vulnerability.<tr><td><a id="l52"></a><a href="#l52">52</a><td> *<tr><td><a id="l53"></a><a href="#l53">53</a><td> * Instances of this type must be created via the factory methods<tr><td><a id="l54"></a><a href="#l54">54</a><td> * ({@code goog.html.SafeHtml.create}, {@code goog.html.SafeHtml.htmlEscape}),<tr><td><a id="l55"></a><a href="#l55">55</a><td> * etc and not by invoking its constructor. 
The constructor intentionally<tr><td><a id="l56"></a><a href="#l56">56</a><td> * takes no parameters and the type is immutable; hence only a default instance<tr><td><a id="l57"></a><a href="#l57">57</a><td> * corresponding to the empty string can be obtained via constructor invocation.<tr><td><a id="l58"></a><a href="#l58">58</a><td> *<tr><td><a id="l59"></a><a href="#l59">59</a><td> * @see goog.html.SafeHtml#create<tr><td><a id="l60"></a><a href="#l60">60</a><td> * @see goog.html.SafeHtml#htmlEscape<tr><td><a id="l61"></a><a href="#l61">61</a><td> * @constructor<tr><td><a id="l62"></a><a href="#l62">62</a><td> * @final<tr><td><a id="l63"></a><a href="#l63">63</a><td> * @struct<tr><td><a id="l64"></a><a href="#l64">64</a><td> * @implements {goog.i18n.bidi.DirectionalString}<tr><td><a id="l65"></a><a href="#l65">65</a><td> * @implements {goog.string.TypedString}<tr><td><a id="l66"></a><a href="#l66">66</a><td> */<tr><td><a id="l67"></a><a href="#l67">67</a><td>goog.html.SafeHtml = function() {<tr><td><a id="l68"></a><a href="#l68">68</a><td> /**<tr><td><a id="l69"></a><a href="#l69">69</a><td> * The contained value of this SafeHtml. 
The field has a purposely ugly<tr><td><a id="l70"></a><a href="#l70">70</a><td> * name to make (non-compiled) code that attempts to directly access this<tr><td><a id="l71"></a><a href="#l71">71</a><td> * field stand out.<tr><td><a id="l72"></a><a href="#l72">72</a><td> * @private {string}<tr><td><a id="l73"></a><a href="#l73">73</a><td> */<tr><td><a id="l74"></a><a href="#l74">74</a><td> this.privateDoNotAccessOrElseSafeHtmlWrappedValue_ = '';<tr><td><a id="l75"></a><a href="#l75">75</a><td><tr><td><a id="l76"></a><a href="#l76">76</a><td> /**<tr><td><a id="l77"></a><a href="#l77">77</a><td> * A type marker used to implement additional run-time type checking.<tr><td><a id="l78"></a><a href="#l78">78</a><td> * @see goog.html.SafeHtml#unwrap<tr><td><a id="l79"></a><a href="#l79">79</a><td> * @const<tr><td><a id="l80"></a><a href="#l80">80</a><td> * @private<tr><td><a id="l81"></a><a href="#l81">81</a><td> */<tr><td><a id="l82"></a><a href="#l82">82</a><td> this.SAFE_HTML_TYPE_MARKER_GOOG_HTML_SECURITY_PRIVATE_ =<tr><td><a id="l83"></a><a href="#l83">83</a><td> goog.html.SafeHtml.TYPE_MARKER_GOOG_HTML_SECURITY_PRIVATE_;<tr><td><a id="l84"></a><a href="#l84">84</a><td><tr><td><a id="l85"></a><a href="#l85">85</a><td> /**<tr><td><a id="l86"></a><a href="#l86">86</a><td> * This SafeHtml's directionality, or null if unknown.<tr><td><a id="l87"></a><a href="#l87">87</a><td> * @private {?goog.i18n.bidi.Dir}<tr><td><a id="l88"></a><a href="#l88">88</a><td> */<tr><td><a id="l89"></a><a href="#l89">89</a><td> this.dir_ = null;<tr><td><a id="l90"></a><a href="#l90">90</a><td>};<tr><td><a id="l91"></a><a href="#l91">91</a><td><tr><td><a id="l92"></a><a href="#l92">92</a><td><tr><td><a id="l93"></a><a href="#l93">93</a><td>/**<tr><td><a id="l94"></a><a href="#l94">94</a><td> * @override<tr><td><a id="l95"></a><a href="#l95">95</a><td> * @const<tr><td><a id="l96"></a><a href="#l96">96</a><td> */<tr><td><a id="l97"></a><a 
href="#l97">97</a><td>goog.html.SafeHtml.prototype.implementsGoogI18nBidiDirectionalString = true;<tr><td><a id="l98"></a><a href="#l98">98</a><td><tr><td><a id="l99"></a><a href="#l99">99</a><td><tr><td><a id="l100"></a><a href="#l100">100</a><td>/** @override */<tr><td><a id="l101"></a><a href="#l101">101</a><td>goog.html.SafeHtml.prototype.getDirection = function() {<tr><td><a id="l102"></a><a href="#l102">102</a><td> return this.dir_;<tr><td><a id="l103"></a><a href="#l103">103</a><td>};<tr><td><a id="l104"></a><a href="#l104">104</a><td><tr><td><a id="l105"></a><a href="#l105">105</a><td><tr><td><a id="l106"></a><a href="#l106">106</a><td>/**<tr><td><a id="l107"></a><a href="#l107">107</a><td> * @override<tr><td><a id="l108"></a><a href="#l108">108</a><td> * @const<tr><td><a id="l109"></a><a href="#l109">109</a><td> */<tr><td><a id="l110"></a><a href="#l110">110</a><td>goog.html.SafeHtml.prototype.implementsGoogStringTypedString = true;<tr><td><a id="l111"></a><a href="#l111">111</a><td><tr><td><a id="l112"></a><a href="#l112">112</a><td><tr><td><a id="l113"></a><a href="#l113">113</a><td>/**<tr><td><a id="l114"></a><a href="#l114">114</a><td> * Returns this SafeHtml's value as a string.<tr><td><a id="l115"></a><a href="#l115">115</a><td> *<tr><td><a id="l116"></a><a href="#l116">116</a><td> * IMPORTANT: In code where it is security relevant that an object's type is<tr><td><a id="l117"></a><a href="#l117">117</a><td> * indeed {@code SafeHtml}, use {@code goog.html.SafeHtml.unwrap} instead of<tr><td><a id="l118"></a><a href="#l118">118</a><td> * this method. If in doubt, assume that it's security relevant. In particular,<tr><td><a id="l119"></a><a href="#l119">119</a><td> * note that goog.html functions which return a goog.html type do not guarantee<tr><td><a id="l120"></a><a href="#l120">120</a><td> * that the returned instance is of the right type. 
For example:<tr><td><a id="l121"></a><a href="#l121">121</a><td> *<tr><td><a id="l122"></a><a href="#l122">122</a><td> * <pre><tr><td><a id="l123"></a><a href="#l123">123</a><td> * var fakeSafeHtml = new String('fake');<tr><td><a id="l124"></a><a href="#l124">124</a><td> * fakeSafeHtml.__proto__ = goog.html.SafeHtml.prototype;<tr><td><a id="l125"></a><a href="#l125">125</a><td> * var newSafeHtml = goog.html.SafeHtml.htmlEscape(fakeSafeHtml);<tr><td><a id="l126"></a><a href="#l126">126</a><td> * // newSafeHtml is just an alias for fakeSafeHtml, it's passed through by<tr><td><a id="l127"></a><a href="#l127">127</a><td> * // goog.html.SafeHtml.htmlEscape() as fakeSafeHtml<tr><td><a id="l128"></a><a href="#l128">128</a><td> * // instanceof goog.html.SafeHtml.<tr><td><a id="l129"></a><a href="#l129">129</a><td> * </pre><tr><td><a id="l130"></a><a href="#l130">130</a><td> *<tr><td><a id="l131"></a><a href="#l131">131</a><td> * @see goog.html.SafeHtml#unwrap<tr><td><a id="l132"></a><a href="#l132">132</a><td> * @override<tr><td><a id="l133"></a><a href="#l133">133</a><td> */<tr><td><a id="l134"></a><a href="#l134">134</a><td>goog.html.SafeHtml.prototype.getTypedStringValue = function() {<tr><td><a id="l135"></a><a href="#l135">135</a><td> return this.privateDoNotAccessOrElseSafeHtmlWrappedValue_;<tr><td><a id="l136"></a><a href="#l136">136</a><td>};<tr><td><a id="l137"></a><a href="#l137">137</a><td><tr><td><a id="l138"></a><a href="#l138">138</a><td><tr><td><a id="l139"></a><a href="#l139">139</a><td>if (goog.DEBUG) {<tr><td><a id="l140"></a><a href="#l140">140</a><td> /**<tr><td><a id="l141"></a><a href="#l141">141</a><td> * Returns a debug string-representation of this value.<tr><td><a id="l142"></a><a href="#l142">142</a><td> *<tr><td><a id="l143"></a><a href="#l143">143</a><td> * To obtain the actual string value wrapped in a SafeHtml, use<tr><td><a id="l144"></a><a href="#l144">144</a><td> * {@code goog.html.SafeHtml.unwrap}.<tr><td><a id="l145"></a><a 
href="#l145">145</a><td> *<tr><td><a id="l146"></a><a href="#l146">146</a><td> * @see goog.html.SafeHtml#unwrap<tr><td><a id="l147"></a><a href="#l147">147</a><td> * @override<tr><td><a id="l148"></a><a href="#l148">148</a><td> */<tr><td><a id="l149"></a><a href="#l149">149</a><td> goog.html.SafeHtml.prototype.toString = function() {<tr><td><a id="l150"></a><a href="#l150">150</a><td> return 'SafeHtml{' + this.privateDoNotAccessOrElseSafeHtmlWrappedValue_ +<tr><td><a id="l151"></a><a href="#l151">151</a><td> '}';<tr><td><a id="l152"></a><a href="#l152">152</a><td> };<tr><td><a id="l153"></a><a href="#l153">153</a><td>}<tr><td><a id="l154"></a><a href="#l154">154</a><td><tr><td><a id="l155"></a><a href="#l155">155</a><td><tr><td><a id="l156"></a><a href="#l156">156</a><td>/**<tr><td><a id="l157"></a><a href="#l157">157</a><td> * Performs a runtime check that the provided object is indeed a SafeHtml<tr><td><a id="l158"></a><a href="#l158">158</a><td> * object, and returns its value.<tr><td><a id="l159"></a><a href="#l159">159</a><td> * @param {!goog.html.SafeHtml} safeHtml The object to extract from.<tr><td><a id="l160"></a><a href="#l160">160</a><td> * @return {string} The SafeHtml object's contained string, unless the run-time<tr><td><a id="l161"></a><a href="#l161">161</a><td> * type check fails. In that case, {@code unwrap} returns an innocuous<tr><td><a id="l162"></a><a href="#l162">162</a><td> * string, or, if assertions are enabled, throws<tr><td><a id="l163"></a><a href="#l163">163</a><td> * {@code goog.asserts.AssertionError}.<tr><td><a id="l164"></a><a href="#l164">164</a><td> */<tr><td><a id="l165"></a><a href="#l165">165</a><td>goog.html.SafeHtml.unwrap = function(safeHtml) {<tr><td><a id="l166"></a><a href="#l166">166</a><td> // Perform additional run-time type-checking to ensure that safeHtml is indeed<tr><td><a id="l167"></a><a href="#l167">167</a><td> // an instance of the expected type. 
This provides some additional protection<tr><td><a id="l168"></a><a href="#l168">168</a><td> // against security bugs due to application code that disables type checks.<tr><td><a id="l169"></a><a href="#l169">169</a><td> // Specifically, the following checks are performed:<tr><td><a id="l170"></a><a href="#l170">170</a><td> // 1. The object is an instance of the expected type.<tr><td><a id="l171"></a><a href="#l171">171</a><td> // 2. The object is not an instance of a subclass.<tr><td><a id="l172"></a><a href="#l172">172</a><td> // 3. The object carries a type marker for the expected type. "Faking" an<tr><td><a id="l173"></a><a href="#l173">173</a><td> // object requires a reference to the type marker, which has names intended<tr><td><a id="l174"></a><a href="#l174">174</a><td> // to stand out in code reviews.<tr><td><a id="l175"></a><a href="#l175">175</a><td> if (safeHtml instanceof goog.html.SafeHtml &&<tr><td><a id="l176"></a><a href="#l176">176</a><td> safeHtml.constructor === goog.html.SafeHtml &&<tr><td><a id="l177"></a><a href="#l177">177</a><td> safeHtml.SAFE_HTML_TYPE_MARKER_GOOG_HTML_SECURITY_PRIVATE_ ===<tr><td><a id="l178"></a><a href="#l178">178</a><td> goog.html.SafeHtml.TYPE_MARKER_GOOG_HTML_SECURITY_PRIVATE_) {<tr><td><a id="l179"></a><a href="#l179">179</a><td> return safeHtml.privateDoNotAccessOrElseSafeHtmlWrappedValue_;<tr><td><a id="l180"></a><a href="#l180">180</a><td> } else {<tr><td><a id="l181"></a><a href="#l181">181</a><td> goog.asserts.fail('expected object of type SafeHtml, got \'' +<tr><td><a id="l182"></a><a href="#l182">182</a><td> safeHtml + '\'');<tr><td><a id="l183"></a><a href="#l183">183</a><td> return 'type_error:SafeHtml';<tr><td><a id="l184"></a><a href="#l184">184</a><td> }<tr><td><a id="l185"></a><a href="#l185">185</a><td>};<tr><td><a id="l186"></a><a href="#l186">186</a><td><tr><td><a id="l187"></a><a href="#l187">187</a><td><tr><td><a id="l188"></a><a href="#l188">188</a><td>/**<tr><td><a id="l189"></a><a 
href="#l189">189</a><td> * Shorthand for union of types that can sensibly be converted to strings<tr><td><a id="l190"></a><a href="#l190">190</a><td> * or might already be SafeHtml (as SafeHtml is a goog.string.TypedString).<tr><td><a id="l191"></a><a href="#l191">191</a><td> * @private<tr><td><a id="l192"></a><a href="#l192">192</a><td> * @typedef {string|number|boolean|!goog.string.TypedString|<tr><td><a id="l193"></a><a href="#l193">193</a><td> * !goog.i18n.bidi.DirectionalString}<tr><td><a id="l194"></a><a href="#l194">194</a><td> */<tr><td><a id="l195"></a><a href="#l195">195</a><td>goog.html.SafeHtml.TextOrHtml_;<tr><td><a id="l196"></a><a href="#l196">196</a><td><tr><td><a id="l197"></a><a href="#l197">197</a><td><tr><td><a id="l198"></a><a href="#l198">198</a><td>/**<tr><td><a id="l199"></a><a href="#l199">199</a><td> * Returns HTML-escaped text as a SafeHtml object.<tr><td><a id="l200"></a><a href="#l200">200</a><td> *<tr><td><a id="l201"></a><a href="#l201">201</a><td> * If text is of a type that implements<tr><td><a id="l202"></a><a href="#l202">202</a><td> * {@code goog.i18n.bidi.DirectionalString}, the directionality of the new<tr><td><a id="l203"></a><a href="#l203">203</a><td> * {@code SafeHtml} object is set to {@code text}'s directionality, if known.<tr><td><a id="l204"></a><a href="#l204">204</a><td> * Otherwise, the directionality of the resulting SafeHtml is unknown (i.e.,<tr><td><a id="l205"></a><a href="#l205">205</a><td> * {@code null}).<tr><td><a id="l206"></a><a href="#l206">206</a><td> *<tr><td><a id="l207"></a><a href="#l207">207</a><td> * @param {!goog.html.SafeHtml.TextOrHtml_} textOrHtml The text to escape. 
If<tr><td><a id="l208"></a><a href="#l208">208</a><td> * the parameter is of type SafeHtml it is returned directly (no escaping<tr><td><a id="l209"></a><a href="#l209">209</a><td> * is done).<tr><td><a id="l210"></a><a href="#l210">210</a><td> * @return {!goog.html.SafeHtml} The escaped text, wrapped as a SafeHtml.<tr><td><a id="l211"></a><a href="#l211">211</a><td> */<tr><td><a id="l212"></a><a href="#l212">212</a><td>goog.html.SafeHtml.htmlEscape = function(textOrHtml) {<tr><td><a id="l213"></a><a href="#l213">213</a><td> if (textOrHtml instanceof goog.html.SafeHtml) {<tr><td><a id="l214"></a><a href="#l214">214</a><td> return textOrHtml;<tr><td><a id="l215"></a><a href="#l215">215</a><td> }<tr><td><a id="l216"></a><a href="#l216">216</a><td> var dir = null;<tr><td><a id="l217"></a><a href="#l217">217</a><td> if (textOrHtml.implementsGoogI18nBidiDirectionalString) {<tr><td><a id="l218"></a><a href="#l218">218</a><td> dir = textOrHtml.getDirection();<tr><td><a id="l219"></a><a href="#l219">219</a><td> }<tr><td><a id="l220"></a><a href="#l220">220</a><td> var textAsString;<tr><td><a id="l221"></a><a href="#l221">221</a><td> if (textOrHtml.implementsGoogStringTypedString) {<tr><td><a id="l222"></a><a href="#l222">222</a><td> textAsString = textOrHtml.getTypedStringValue();<tr><td><a id="l223"></a><a href="#l223">223</a><td> } else {<tr><td><a id="l224"></a><a href="#l224">224</a><td> textAsString = String(textOrHtml);<tr><td><a id="l225"></a><a href="#l225">225</a><td> }<tr><td><a id="l226"></a><a href="#l226">226</a><td> return goog.html.SafeHtml.createSafeHtmlSecurityPrivateDoNotAccessOrElse(<tr><td><a id="l227"></a><a href="#l227">227</a><td> goog.string.htmlEscape(textAsString), dir);<tr><td><a id="l228"></a><a href="#l228">228</a><td>};<tr><td><a id="l229"></a><a href="#l229">229</a><td><tr><td><a id="l230"></a><a href="#l230">230</a><td><tr><td><a id="l231"></a><a href="#l231">231</a><td>/**<tr><td><a id="l232"></a><a href="#l232">232</a><td> * Returns 
HTML-escaped text as a SafeHtml object, with newlines changed to<tr><td><a id="l233"></a><a href="#l233">233</a><td> * &lt;br&gt;.<tr><td><a id="l234"></a><a href="#l234">234</a><td> * @param {!goog.html.SafeHtml.TextOrHtml_} textOrHtml The text to escape. If<tr><td><a id="l235"></a><a href="#l235">235</a><td> * the parameter is of type SafeHtml it is returned directly (no escaping<tr><td><a id="l236"></a><a href="#l236">236</a><td> * is done).<tr><td><a id="l237"></a><a href="#l237">237</a><td> * @return {!goog.html.SafeHtml} The escaped text, wrapped as a SafeHtml.<tr><td><a id="l238"></a><a href="#l238">238</a><td> */<tr><td><a id="l239"></a><a href="#l239">239</a><td>goog.html.SafeHtml.htmlEscapePreservingNewlines = function(textOrHtml) {<tr><td><a id="l240"></a><a href="#l240">240</a><td> if (textOrHtml instanceof goog.html.SafeHtml) {<tr><td><a id="l241"></a><a href="#l241">241</a><td> return textOrHtml;<tr><td><a id="l242"></a><a href="#l242">242</a><td> }<tr><td><a id="l243"></a><a href="#l243">243</a><td> var html = goog.html.SafeHtml.htmlEscape(textOrHtml);<tr><td><a id="l244"></a><a href="#l244">244</a><td> return goog.html.SafeHtml.createSafeHtmlSecurityPrivateDoNotAccessOrElse(<tr><td><a id="l245"></a><a href="#l245">245</a><td> goog.string.newLineToBr(goog.html.SafeHtml.unwrap(html)),<tr><td><a id="l246"></a><a href="#l246">246</a><td> html.getDirection());<tr><td><a id="l247"></a><a href="#l247">247</a><td>};<tr><td><a id="l248"></a><a href="#l248">248</a><td><tr><td><a id="l249"></a><a href="#l249">249</a><td><tr><td><a id="l250"></a><a href="#l250">250</a><td>/**<tr><td><a id="l251"></a><a href="#l251">251</a><td> * Returns HTML-escaped text as a SafeHtml object, with newlines changed to<tr><td><a id="l252"></a><a href="#l252">252</a><td> * &lt;br&gt; and escaping whitespace to preserve spatial formatting. 
Character<tr><td><a id="l253"></a><a href="#l253">253</a><td> * entity #160 is used to make it safer for XML.<tr><td><a id="l254"></a><a href="#l254">254</a><td> * @param {!goog.html.SafeHtml.TextOrHtml_} textOrHtml The text to escape. If<tr><td><a id="l255"></a><a href="#l255">255</a><td> * the parameter is of type SafeHtml it is returned directly (no escaping<tr><td><a id="l256"></a><a href="#l256">256</a><td> * is done).<tr><td><a id="l257"></a><a href="#l257">257</a><td> * @return {!goog.html.SafeHtml} The escaped text, wrapped as a SafeHtml.<tr><td><a id="l258"></a><a href="#l258">258</a><td> */<tr><td><a id="l259"></a><a href="#l259">259</a><td>goog.html.SafeHtml.htmlEscapePreservingNewlinesAndSpaces = function(<tr><td><a id="l260"></a><a href="#l260">260</a><td> textOrHtml) {<tr><td><a id="l261"></a><a href="#l261">261</a><td> if (textOrHtml instanceof goog.html.SafeHtml) {<tr><td><a id="l262"></a><a href="#l262">262</a><td> return textOrHtml;<tr><td><a id="l263"></a><a href="#l263">263</a><td> }<tr><td><a id="l264"></a><a href="#l264">264</a><td> var html = goog.html.SafeHtml.htmlEscape(textOrHtml);<tr><td><a id="l265"></a><a href="#l265">265</a><td> return goog.html.SafeHtml.createSafeHtmlSecurityPrivateDoNotAccessOrElse(<tr><td><a id="l266"></a><a href="#l266">266</a><td> goog.string.whitespaceEscape(goog.html.SafeHtml.unwrap(html)),<tr><td><a id="l267"></a><a href="#l267">267</a><td> html.getDirection());<tr><td><a id="l268"></a><a href="#l268">268</a><td>};<tr><td><a id="l269"></a><a href="#l269">269</a><td><tr><td><a id="l270"></a><a href="#l270">270</a><td><tr><td><a id="l271"></a><a href="#l271">271</a><td>/**<tr><td><a id="l272"></a><a href="#l272">272</a><td> * Coerces an arbitrary object into a SafeHtml object.<tr><td><a id="l273"></a><a href="#l273">273</a><td> *<tr><td><a id="l274"></a><a href="#l274">274</a><td> * If {@code textOrHtml} is already of type {@code goog.html.SafeHtml}, the same<tr><td><a id="l275"></a><a href="#l275">275</a><td> * 
object is returned. Otherwise, {@code textOrHtml} is coerced to string, and<tr><td><a id="l276"></a><a href="#l276">276</a><td> * HTML-escaped. If {@code textOrHtml} is of a type that implements<tr><td><a id="l277"></a><a href="#l277">277</a><td> * {@code goog.i18n.bidi.DirectionalString}, its directionality, if known, is<tr><td><a id="l278"></a><a href="#l278">278</a><td> * preserved.<tr><td><a id="l279"></a><a href="#l279">279</a><td> *<tr><td><a id="l280"></a><a href="#l280">280</a><td> * @param {!goog.html.SafeHtml.TextOrHtml_} textOrHtml The text or SafeHtml to<tr><td><a id="l281"></a><a href="#l281">281</a><td> * coerce.<tr><td><a id="l282"></a><a href="#l282">282</a><td> * @return {!goog.html.SafeHtml} The resulting SafeHtml object.<tr><td><a id="l283"></a><a href="#l283">283</a><td> * @deprecated Use goog.html.SafeHtml.htmlEscape.<tr><td><a id="l284"></a><a href="#l284">284</a><td> */<tr><td><a id="l285"></a><a href="#l285">285</a><td>goog.html.SafeHtml.from = goog.html.SafeHtml.htmlEscape;<tr><td><a id="l286"></a><a href="#l286">286</a><td><tr><td><a id="l287"></a><a href="#l287">287</a><td><tr><td><a id="l288"></a><a href="#l288">288</a><td>/**<tr><td><a id="l289"></a><a href="#l289">289</a><td> * @const<tr><td><a id="l290"></a><a href="#l290">290</a><td> * @private<tr><td><a id="l291"></a><a href="#l291">291</a><td> */<tr><td><a id="l292"></a><a href="#l292">292</a><td>goog.html.SafeHtml.VALID_NAMES_IN_TAG_ = /^[a-zA-Z0-9-]+$/;<tr><td><a id="l293"></a><a href="#l293">293</a><td><tr><td><a id="l294"></a><a href="#l294">294</a><td><tr><td><a id="l295"></a><a href="#l295">295</a><td>/**<tr><td><a id="l296"></a><a href="#l296">296</a><td> * Set of attributes containing URL as defined at<tr><td><a id="l297"></a><a href="#l297">297</a><td> * http://www.w3.org/TR/html5/index.html#attributes-1.<tr><td><a id="l298"></a><a href="#l298">298</a><td> * @private @const {!Object<string,boolean>}<tr><td><a id="l299"></a><a href="#l299">299</a><td> */<tr><td><a 
id="l300"></a><a href="#l300">300</a><td>goog.html.SafeHtml.URL_ATTRIBUTES_ = goog.object.createSet('action', 'cite',<tr><td><a id="l301"></a><a href="#l301">301</a><td> 'data', 'formaction', 'href', 'manifest', 'poster', 'src');<tr><td><a id="l302"></a><a href="#l302">302</a><td><tr><td><a id="l303"></a><a href="#l303">303</a><td><tr><td><a id="l304"></a><a href="#l304">304</a><td>/**<tr><td><a id="l305"></a><a href="#l305">305</a><td> * Tags which are unsupported via create(). They might be supported via a<tr><td><a id="l306"></a><a href="#l306">306</a><td> * tag-specific create method. These are tags which might require a<tr><td><a id="l307"></a><a href="#l307">307</a><td> * TrustedResourceUrl in one of their attributes or a restricted type for<tr><td><a id="l308"></a><a href="#l308">308</a><td> * their content.<tr><td><a id="l309"></a><a href="#l309">309</a><td> * @private @const {!Object<string,boolean>}<tr><td><a id="l310"></a><a href="#l310">310</a><td> */<tr><td><a id="l311"></a><a href="#l311">311</a><td>goog.html.SafeHtml.NOT_ALLOWED_TAG_NAMES_ = goog.object.createSet(<tr><td><a id="l312"></a><a href="#l312">312</a><td> goog.dom.TagName.EMBED, goog.dom.TagName.IFRAME, goog.dom.TagName.LINK,<tr><td><a id="l313"></a><a href="#l313">313</a><td> goog.dom.TagName.OBJECT, goog.dom.TagName.SCRIPT, goog.dom.TagName.STYLE,<tr><td><a id="l314"></a><a href="#l314">314</a><td> goog.dom.TagName.TEMPLATE);<tr><td><a id="l315"></a><a href="#l315">315</a><td><tr><td><a id="l316"></a><a href="#l316">316</a><td><tr><td><a id="l317"></a><a href="#l317">317</a><td>/**<tr><td><a id="l318"></a><a href="#l318">318</a><td> * @typedef {string|number|goog.string.TypedString|<tr><td><a id="l319"></a><a href="#l319">319</a><td> * goog.html.SafeStyle.PropertyMap}<tr><td><a id="l320"></a><a href="#l320">320</a><td> * @private<tr><td><a id="l321"></a><a href="#l321">321</a><td> */<tr><td><a id="l322"></a><a href="#l322">322</a><td>goog.html.SafeHtml.AttributeValue_;<tr><td><a 
id="l323"></a><a href="#l323">323</a><td><tr><td><a id="l324"></a><a href="#l324">324</a><td><tr><td><a id="l325"></a><a href="#l325">325</a><td>/**<tr><td><a id="l326"></a><a href="#l326">326</a><td> * Creates a SafeHtml content consisting of a tag with optional attributes and<tr><td><a id="l327"></a><a href="#l327">327</a><td> * optional content.<tr><td><a id="l328"></a><a href="#l328">328</a><td> *<tr><td><a id="l329"></a><a href="#l329">329</a><td> * For convenience tag names and attribute names are accepted as regular<tr><td><a id="l330"></a><a href="#l330">330</a><td> * strings, instead of goog.string.Const. Nevertheless, you should not pass<tr><td><a id="l331"></a><a href="#l331">331</a><td> * user-controlled values to these parameters. Note that these parameters are<tr><td><a id="l332"></a><a href="#l332">332</a><td> * syntactically validated at runtime, and invalid values will result in<tr><td><a id="l333"></a><a href="#l333">333</a><td> * an exception.<tr><td><a id="l334"></a><a href="#l334">334</a><td> *<tr><td><a id="l335"></a><a href="#l335">335</a><td> * Example usage:<tr><td><a id="l336"></a><a href="#l336">336</a><td> *<tr><td><a id="l337"></a><a href="#l337">337</a><td> * goog.html.SafeHtml.create('br');<tr><td><a id="l338"></a><a href="#l338">338</a><td> * goog.html.SafeHtml.create('div', {'class': 'a'});<tr><td><a id="l339"></a><a href="#l339">339</a><td> * goog.html.SafeHtml.create('p', {}, 'a');<tr><td><a id="l340"></a><a href="#l340">340</a><td> * goog.html.SafeHtml.create('p', {}, goog.html.SafeHtml.create('br'));<tr><td><a id="l341"></a><a href="#l341">341</a><td> *<tr><td><a id="l342"></a><a href="#l342">342</a><td> * goog.html.SafeHtml.create('span', {<tr><td><a id="l343"></a><a href="#l343">343</a><td> * 'style': {'margin': '0'}<tr><td><a id="l344"></a><a href="#l344">344</a><td> * });<tr><td><a id="l345"></a><a href="#l345">345</a><td> *<tr><td><a id="l346"></a><a href="#l346">346</a><td> * To guarantee SafeHtml's type contract is upheld 
there are restrictions on
 * attribute values and tag names.
 *
 * - For attributes which contain script code (on*), a goog.string.Const is
 *   required.
 * - For attributes which contain style (style), a goog.html.SafeStyle or a
 *   goog.html.SafeStyle.PropertyMap is required.
 * - For attributes which are interpreted as URLs (e.g. src, href) a
 *   goog.html.SafeUrl, goog.string.Const or string is required. If a string
 *   is passed, it will be sanitized with SafeUrl.sanitize().
 * - For tags which can load code, more specific goog.html.SafeHtml.create*()
 *   functions must be used. Tags which can load code and are not supported by
 *   this function are embed, iframe, link, object, script, style, and template.
 *
 * Note that a rejected tagName is concatenated unescaped into the thrown
 * Error's message, so that message must be treated as plain text and never
 * rendered as HTML.
 *
 * @param {string} tagName The name of the tag. Only tag names consisting of
 *     [a-zA-Z0-9-] are allowed. Tag names documented above are disallowed.
 * @param {!Object<string, goog.html.SafeHtml.AttributeValue_>=}
 *     opt_attributes Mapping from attribute names to their values. Only
 *     attribute names consisting of [a-zA-Z0-9-] are allowed. Value of null or
 *     undefined causes the attribute to be omitted.
 * @param {!goog.html.SafeHtml.TextOrHtml_|
 *     !Array<!goog.html.SafeHtml.TextOrHtml_>=} opt_content Content to
 *     HTML-escape and put inside the tag. This must be empty for void tags
 *     like <br>. Array elements are concatenated.
 * @return {!goog.html.SafeHtml} The SafeHtml content with the tag.
 * @throws {Error} If invalid tag name, attribute name, or attribute value is
 *     provided.
 * @throws {goog.asserts.AssertionError} If content for void tag is provided.
 */
goog.html.SafeHtml.create = function(tagName, opt_attributes, opt_content) {
  // Syntactic check first: a name that fails the pattern is rejected before
  // the deny-list lookup.
  if (!goog.html.SafeHtml.VALID_NAMES_IN_TAG_.test(tagName)) {
    throw Error('Invalid tag name <' + tagName + '>.');
  }
  // The name is upper-cased for the lookup, so the caller's letter case does
  // not matter. NOT_ALLOWED_TAG_NAMES_ is defined outside this section;
  // presumably it is keyed by upper-case tag name -- verify.
  if (tagName.toUpperCase() in goog.html.SafeHtml.NOT_ALLOWED_TAG_NAMES_) {
    throw Error('Tag name <' + tagName + '> is not allowed for SafeHtml.');
  }
  return goog.html.SafeHtml.createSafeHtmlTagSecurityPrivateDoNotAccessOrElse(
      tagName, opt_attributes, opt_content);
};


/**
 * Creates a SafeHtml representing an iframe tag.
 *
 * By default the sandbox attribute is set to an empty value, which is the most
 * secure option, as it confers the iframe the least privileges. If this
 * is too restrictive then granting individual privileges is the preferable
 * option. Unsetting the attribute entirely is the least secure option and
 * should never be done unless it's strictly necessary.
 *
 * @param {goog.html.TrustedResourceUrl=} opt_src The value of the src
 *     attribute. If null or undefined src will not be set.
 * @param {goog.html.SafeHtml=} opt_srcdoc The value of the srcdoc attribute.
 *     If null or undefined srcdoc will not be set.
 * @param {!Object<string, goog.html.SafeHtml.AttributeValue_>=}
 *     opt_attributes Mapping from attribute names to their values. Only
 *     attribute names consisting of [a-zA-Z0-9-] are allowed. Value of null or
 *     undefined causes the attribute to be omitted.
 * @param {!goog.html.SafeHtml.TextOrHtml_|
 *     !Array<!goog.html.SafeHtml.TextOrHtml_>=} opt_content Content to
 *     HTML-escape and put inside the tag. Array elements are concatenated.
 * @return {!goog.html.SafeHtml} The SafeHtml content with the tag.
 * @throws {Error} If invalid tag name, attribute name, or attribute value is
 *     provided. If opt_attributes contains the src or srcdoc attributes.
 */
goog.html.SafeHtml.createIframe = function(
    opt_src, opt_srcdoc, opt_attributes, opt_content) {
  // src and srcdoc are "fixed": they can only come from the typed parameters.
  // Per the @throws contract above, passing either one through opt_attributes
  // is an error. A falsy argument is stored as null.
  var fixedAttributes = {};
  fixedAttributes['src'] = opt_src || null;
  fixedAttributes['srcdoc'] = opt_srcdoc || null;
  // sandbox is only a default. The JSDoc above describes callers granting
  // individual privileges or unsetting it, so a caller-supplied value
  // presumably replaces this one (combineAttributes is defined outside this
  // section -- verify). Review every call site that overrides 'sandbox'.
  var defaultAttributes = {'sandbox': ''};
  var attributes = goog.html.SafeHtml.combineAttributes(
      fixedAttributes, defaultAttributes, opt_attributes);
  return goog.html.SafeHtml.createSafeHtmlTagSecurityPrivateDoNotAccessOrElse(
      'iframe', attributes, opt_content);
};


/**
 * Creates a SafeHtml representing a style tag. The type attribute is set
 * to "text/css".
 *
 * The style sheet text is placed inside the tag without HTML-escaping, so the
 * safety of the result rests on the goog.html.SafeStyleSheet type contract of
 * every element passed in.
 *
 * @param {!goog.html.SafeStyleSheet|!Array<!goog.html.SafeStyleSheet>}
 *     styleSheet Content to put inside the tag. Array elements are
 *     concatenated.
 * @param {!Object<string, goog.html.SafeHtml.AttributeValue_>=}
 *     opt_attributes Mapping from attribute names to their values. Only
 *     attribute names consisting of [a-zA-Z0-9-] are allowed. Value of null or
 *     undefined causes the attribute to be omitted.
 * @return {!goog.html.SafeHtml} The SafeHtml content with the tag.
 * @throws {Error} If invalid attribute name or attribute value is provided. If
 *     opt_attributes contains the type attribute.
 */
goog.html.SafeHtml.createStyle = function(styleSheet, opt_attributes) {
  // type is fixed; this builder supplies no overridable defaults.
  var fixedAttributes = {'type': 'text/css'};
  var defaultAttributes = {};
  var attributes = goog.html.SafeHtml.combineAttributes(
      fixedAttributes, defaultAttributes, opt_attributes);

  var content = '';
  // Presumably normalizes a single sheet or an array of sheets into an array
  // so the loop below handles both parameter shapes -- verify against
  // goog.array.concat.
  styleSheet = goog.array.concat(styleSheet);
  for (var i = 0; i < styleSheet.length; i++) {
    content += goog.html.SafeStyleSheet.unwrap(styleSheet[i]);
  }
  // Convert to SafeHtml so that it's not HTML-escaped.
  var htmlContent = goog.html.SafeHtml
      .createSafeHtmlSecurityPrivateDoNotAccessOrElse(
          content, goog.i18n.bidi.Dir.NEUTRAL);
  return goog.html.SafeHtml.createSafeHtmlTagSecurityPrivateDoNotAccessOrElse(
      'style', attributes, htmlContent);
};


/**
 * Builds the name="value" text for one attribute, enforcing the value type
 * that the attribute's kind requires.
 *
 * The checks run in a fixed order and the first match wins:
 * goog.string.Const value, then "style", then on* handlers, then URL
 * attributes. A goog.string.Const value therefore skips the style, on* and URL
 * checks; it is still HTML-escaped on return.
 *
 * The attribute name is concatenated as given; only the value is HTML-escaped.
 * This function does not validate the name -- presumably the caller has
 * already checked it against the [a-zA-Z0-9-] pattern; verify before calling
 * this from new code.
 *
 * @param {string} tagName The tag name.
 * @param {string} name The attribute name.
 * @param {!goog.html.SafeHtml.AttributeValue_} value The attribute value.
 * @return {string} A "name=value" string.
 * @throws {Error} If attribute value is unsafe for the given tag and attribute.
 *     The message embeds the rejected value unescaped; treat it as plain text.
 * @private
 */
goog.html.SafeHtml.getAttrNameAndValue_ = function(tagName, name, value) {
  // If it's goog.string.Const, allow any valid attribute name.
  if (value instanceof goog.string.Const) {
    value = goog.string.Const.unwrap(value);
  } else if (name.toLowerCase() == 'style') {
    value = goog.html.SafeHtml.getStyleValue_(value);
  } else if (/^on/i.test(name)) {
    // Any attribute whose name starts with "on" (case-insensitive) is treated
    // as an event handler and rejected unless it came in as a Const above.
    // TODO(jakubvrana): Disallow more attributes with a special meaning.
    throw Error('Attribute "' + name +
        '" requires goog.string.Const value, "' + value + '" given.');
  // URL attributes handled differently according to tag.
  // NOTE(review): in this function tagName is only used in the error message
  // below; no per-tag branching is visible here.
  } else if (name.toLowerCase() in goog.html.SafeHtml.URL_ATTRIBUTES_) {
    // Typed URL wrappers are unwrapped as-is; a plain string is the only input
    // that goes through SafeUrl.sanitize().
    if (value instanceof goog.html.TrustedResourceUrl) {
      value = goog.html.TrustedResourceUrl.unwrap(value);
    } else if (value instanceof goog.html.SafeUrl) {
      value = goog.html.SafeUrl.unwrap(value);
    } else if (goog.isString(value)) {
      value = goog.html.SafeUrl.sanitize(value).getTypedStringValue();
    } else {
      // NOTE(review): the message does not list goog.html.TrustedResourceUrl,
      // although the first branch above accepts it.
      throw Error('Attribute "' + name + '" on tag "' + tagName +
          '" requires goog.html.SafeUrl, goog.string.Const, or string,' +
          ' value "' + value + '" given.');
    }
  }

  // Accept SafeUrl, TrustedResourceUrl, etc. for attributes which only require
  // HTML-escaping.
  if (value.implementsGoogStringTypedString) {
    // Ok to call getTypedStringValue() since there's no reliance on the type
    // contract for security here.
    value = value.getTypedStringValue();
  }

  // NOTE(review): confirm goog.asserts is enabled in the build that ships.
  // Either way the return below coerces with String() and HTML-escapes.
  goog.asserts.assert(goog.isString(value) || goog.isNumber(value),
      'String or number value expected, got ' +
      (typeof value) + ' with value: ' + value);
  return name + '="' + goog.string.htmlEscape(String(value)) + '"';
};


/**
 * Gets value allowed in "style" attribute.
 * @param {goog.html.SafeHtml.AttributeValue_} value It could be SafeStyle or a
 *     map which will be passed to goog.html.SafeStyle.create.
 * @return {string} Unwrapped value.
 * @throws {Error} If value is not an object, for example a plain string.
 * @private
 */
goog.html.SafeHtml.getStyleValue_ = function(value) {
  // Raw strings (and any other non-object) are refused, so style text can
  // only arrive as a SafeStyle or as a property map.
  if (!goog.isObject(value)) {
    throw Error('The "style" attribute requires goog.html.SafeStyle or map ' +
        'of style properties, ' + (typeof value) + ' given: ' + value);
  }
  if (!(value instanceof goog.html.SafeStyle)) {
    // Process the property bag into a style object.
    value = goog.html.SafeStyle.create(value);
  }
  return goog.html.SafeStyle.unwrap(value);
};


/**
 * Creates a SafeHtml content with known directionality consisting of a tag with
 * optional attributes and optional content.
 *
 * The tag is built by goog.html.SafeHtml.create, so the same tag-name checks
 * and errors apply; the directionality of the result is then overwritten.
 *
 * @param {!goog.i18n.bidi.Dir} dir Directionality.
 * @param {string} tagName
 * @param {!Object<string, goog.html.SafeHtml.AttributeValue_>=} opt_attributes
 * @param {!goog.html.SafeHtml.TextOrHtml_|
 *     !Array<!goog.html.SafeHtml.TextOrHtml_>=} opt_content
 * @return {!goog.html.SafeHtml} The SafeHtml content with the tag.
 */
goog.html.SafeHtml.createWithDir = function(dir, tagName, opt_attributes,
    opt_content) {
  var html = goog.html.SafeHtml.create(tagName, opt_attributes, opt_content);
  // Replace whatever directionality create() assigned with the caller's.
  html.dir_ = dir;
  return html;
};


/**
 * Creates a new SafeHtml object by concatenating values.
 * @param {