From 1aed55020d4caf163592f593a0e76f106ae8e105 Mon Sep 17 00:00:00 2001 From: Henri Yandell Date: Tue, 6 Jun 2006 05:23:37 +0000 Subject: [PATCH] Exposing the unescapeXml and escapeXml methods that take Writers - LANG-260. A recent thread did point out that there are problems with the concept of escaping Xml as a single method, and instead it needs to be an xml parser that escapes the body and the attribute content differently - however we're obviously not there yet and I don't think making the existing 80/20 good enough code more usable hurts. git-svn-id: https://svn.apache.org/repos/asf/jakarta/commons/proper/lang/trunk@412009 13f79535-47bb-0310-9956-ffa450edef68 --- .../commons/lang/StringEscapeUtils.java | 50 +++++++++++++++++++ .../commons/lang/StringEscapeUtilsTest.java | 14 ++++++ 2 files changed, 64 insertions(+) diff --git a/src/java/org/apache/commons/lang/StringEscapeUtils.java b/src/java/org/apache/commons/lang/StringEscapeUtils.java index d8fe391ba..abcc6aa9b 100644 --- a/src/java/org/apache/commons/lang/StringEscapeUtils.java +++ b/src/java/org/apache/commons/lang/StringEscapeUtils.java @@ -559,6 +559,32 @@ public static void unescapeHtml(Writer writer, String string) throws IOException Entities.HTML40.unescape(writer, string); } + /** + *

Escapes the characters in a String using XML entities.

+ * + *

For example: "bread" & "butter" => + * "bread" & "butter". + *

+ * + *

Supports only the five basic XML entities (gt, lt, quot, amp, apos). + * Does not support DTDs or external entities.

+ * + * @param writer writer receiving the unescaped string + * @param str the String to escape, may be null + * @return a new escaped String, null if null string input + * @see #unescapeXml(java.lang.String) + **/ + public static void escapeXml(Writer writer, String str) throws IOException { + if (writer == null ) { + throw new IllegalArgumentException ("The Writer must not be null."); + } + + if (str == null) { + return; + } + Entities.XML.escape(writer, str); + } + /** *

Escapes the characters in a String using XML entities.

* @@ -580,6 +606,30 @@ public static String escapeXml(String str) { return Entities.XML.escape(str); } + /** + *

Unescapes a string containing XML entity escapes to a string + * containing the actual Unicode characters corresponding to the + * escapes.

+ * + *

Supports only the five basic XML entities (gt, lt, quot, amp, apos). + * Does not support DTDs or external entities.

+ * + * @param writer writer receiving the unescaped string + * @param str the String to unescape, may be null + * @return a new unescaped String, null if null string input + * @see #escapeXml(String) + **/ + public static void unescapeXml(Writer writer, String str) throws IOException { + if (writer == null ) { + throw new IllegalArgumentException ("The Writer must not be null."); + } + + if (str == null) { + return; + } + Entities.XML.unescape(writer, str); + } + /** *

Unescapes a string containing XML entity escapes to a string * containing the actual Unicode characters corresponding to the diff --git a/src/test/org/apache/commons/lang/StringEscapeUtilsTest.java b/src/test/org/apache/commons/lang/StringEscapeUtilsTest.java index cb8cf2733..33583bcaa 100644 --- a/src/test/org/apache/commons/lang/StringEscapeUtilsTest.java +++ b/src/test/org/apache/commons/lang/StringEscapeUtilsTest.java @@ -290,6 +290,20 @@ public void testEscapeXml() throws Exception { assertEquals("", StringEscapeUtils.escapeXml("")); assertEquals(null, StringEscapeUtils.escapeXml(null)); assertEquals(null, StringEscapeUtils.unescapeXml(null)); + + StringWriter sw = new StringWriter(); + try { + StringEscapeUtils.escapeXml(sw, ""); + } catch (IOException e) { + } + assertEquals("XML was escaped incorrectly", "<abc>", sw.toString() ); + + sw = new StringWriter(); + try { + StringEscapeUtils.unescapeXml(sw, "<abc>"); + } catch (IOException e) { + } + assertEquals("XML was unescaped incorrectly", "", sw.toString() ); } // SQL