Class HTMLs


  • public class HTMLs
    extends java.lang.Object
    Utilities for HTML attributes and styles.
    Since:
    6.0.0
    Author:
    tomyeh
    • Constructor Summary

      Constructors 
      Constructor Description
      HTMLs()  
    • Method Summary

      Modifier and Type Method Description
      static void appendAttribute​(java.lang.StringBuffer sb, java.lang.String name, boolean val)
      Appends an attribute to the string buffer for HTML/XML (name="val").
      static void appendAttribute​(java.lang.StringBuffer sb, java.lang.String name, double val)
      Appends an attribute with a double value to the string buffer for HTML/XML (name="val").
      static void appendAttribute​(java.lang.StringBuffer sb, java.lang.String name, int val)
      Appends an attribute with an int value to the string buffer for HTML/XML (name="val").
      static void appendAttribute​(java.lang.StringBuffer sb, java.lang.String name, long val)
      Appends an attribute with a long value to the string buffer for HTML/XML (name="val").
      static void appendAttribute​(java.lang.StringBuffer sb, java.lang.String name, short val)
      Appends an attribute with a short value to the string buffer for HTML/XML (name="val").
      static void appendAttribute​(java.lang.StringBuffer sb, java.lang.String name, java.lang.String val)
      Appends an attribute to the string buffer for HTML/XML (name="val").
      static void appendAttribute​(java.lang.StringBuffer sb, java.lang.String name, java.lang.String val, boolean emptyIgnored)
      Appends an attribute to the string buffer for HTML/XML (name="val").
      static void appendStyle​(java.lang.StringBuffer sb, java.lang.String name, java.lang.String val)
      Appends a style value to the string buffer for HTML/XML (name:"val";).
      static java.lang.String encodeCharacter​(char[] immune, java.lang.Character c)
      Encodes JavaScript content to guard against XSS vulnerabilities; the implementation follows owasp-esapi-java.
      static java.lang.String encodeJavaScript​(java.lang.String input)
      Encodes JavaScript content to guard against XSS vulnerabilities; the implementation follows owasp-esapi-java.
      static int getSubstyleIndex​(java.lang.String style, java.lang.String substyle)
      Returns the position of the specified substyle, or -1 if not found.
      static java.lang.String getSubstyleValue​(java.lang.String style, int j)
      Returns the value starting at the specified index (never null).
      static java.lang.String getTextRelevantStyle​(java.lang.String style)
      Retrieves text relevant CSS styles.
      static boolean isOrphanTag​(java.lang.String tagname)
      Returns whether the specified tag is an 'orphan' tag.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • HTMLs

        public HTMLs()
    • Method Detail

      • appendAttribute

        public static final void appendAttribute​(java.lang.StringBuffer sb,
                                                 java.lang.String name,
                                                 java.lang.String val)
        Appends an attribute to the string buffer for HTML/XML (name="val"). If val is null or empty (if String), nothing is generated.

        Note: XMLs.encodeAttribute(java.lang.String) is called automatically to encode val.

      • appendAttribute

        public static final void appendAttribute​(java.lang.StringBuffer sb,
                                                 java.lang.String name,
                                                 java.lang.String val,
                                                 boolean emptyIgnored)
        Appends an attribute to the string buffer for HTML/XML (name="val"). If emptyIgnored is true and val is null or empty (if String), nothing is generated.

        Note: XMLs.encodeAttribute(java.lang.String) is called automatically to encode val.

        Parameters:
        emptyIgnored - whether to ignore a null or empty string. If false, it is always generated (null is generated as "null").
      • appendAttribute

        public static final void appendAttribute​(java.lang.StringBuffer sb,
                                                 java.lang.String name,
                                                 int val)
        Appends an attribute with an int value to the string buffer for HTML/XML (name="val").
      • appendAttribute

        public static final void appendAttribute​(java.lang.StringBuffer sb,
                                                 java.lang.String name,
                                                 long val)
        Appends an attribute with a long value to the string buffer for HTML/XML (name="val").
      • appendAttribute

        public static final void appendAttribute​(java.lang.StringBuffer sb,
                                                 java.lang.String name,
                                                 double val)
        Appends an attribute with a double value to the string buffer for HTML/XML (name="val").
      • appendAttribute

        public static final void appendAttribute​(java.lang.StringBuffer sb,
                                                 java.lang.String name,
                                                 short val)
        Appends an attribute with a short value to the string buffer for HTML/XML (name="val").
      • appendAttribute

        public static final void appendAttribute​(java.lang.StringBuffer sb,
                                                 java.lang.String name,
                                                 boolean val)
        Appends an attribute to the string buffer for HTML/XML (name="val").
      • appendStyle

        public static final void appendStyle​(java.lang.StringBuffer sb,
                                             java.lang.String name,
                                             java.lang.String val)
        Appends a style value to the string buffer for HTML/XML (name:"val";). If val is null or empty (if String), nothing is generated.
      • getSubstyleIndex

        public static final int getSubstyleIndex​(java.lang.String style,
                                                 java.lang.String substyle)
        Returns the position of the specified substyle, or -1 if not found.
        Parameters:
        style - the style
        substyle - the sub-style, e.g., display.
        Throws:
        java.lang.IllegalArgumentException - if style is null, or substyle is null or empty.
      • getSubstyleValue

        public static final java.lang.String getSubstyleValue​(java.lang.String style,
                                                              int j)
        Returns the value starting at the specified index (never null).

        Note: the index is usually the returned value of getSubstyleIndex(java.lang.String, java.lang.String).

        Parameters:
        style - the style
        j - the index that the substyle starts at (including the style's name)
      • getTextRelevantStyle

        public static final java.lang.String getTextRelevantStyle​(java.lang.String style)
        Retrieves text relevant CSS styles.

        For example, if style is "border: 1px solid blue; font-size: 10px; padding: 3px; color: black;", then "font-size: 10px;color: black;" is returned.

        Returns:
        null if style is null. Otherwise, it never returns null.
      • isOrphanTag

        public static final boolean isOrphanTag​(java.lang.String tagname)
        Returns whether the specified tag is an 'orphan' tag. By orphan we mean it doesn't support the format of <xx> </xx>.

        For example, br and img are orphan tags.

        Parameters:
        tagname - the tag name, e.g., br and tr.
      • encodeJavaScript

        public static java.lang.String encodeJavaScript​(java.lang.String input)
        Encodes JavaScript content to guard against XSS vulnerabilities; the implementation follows owasp-esapi-java.

        Returns the backslash-encoded numeric format. Does not use backslash character escapes such as \" or \', as these may cause parsing problems. For example, if a JavaScript attribute such as onmouseover contains a \", that will close the entire attribute and allow an attacker to inject another script attribute.

        Since:
        7.0.2
      • encodeCharacter

        public static java.lang.String encodeCharacter​(char[] immune,
                                                       java.lang.Character c)
        Encodes JavaScript content to guard against XSS vulnerabilities; the implementation follows owasp-esapi-java.

        Returns the backslash-encoded numeric format. Does not use backslash character escapes such as \" or \', as these may cause parsing problems. For example, if a JavaScript attribute such as onmouseover contains a \", that will close the entire attribute and allow an attacker to inject another script attribute.

        Since:
        7.0.2
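
The reasoning given for encodeJavaScript and encodeCharacter above, as an added example (not ZK's or ESAPI's code): it compares backslash character escapes with numeric backslash encoding inside an onmouseover attribute. The class, its methods, the show() handler and the input value are hypothetical; the \xHH / \uHHHH layout is assumed from ESAPI's JavaScript codec, and the regex is a simplified stand-in for an HTML parser.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class JsNumericEncodingDemo {
    // Numeric backslash encoding (assumed layout: \xHH below 256, \uHHHH otherwise;
    // ASCII letters and digits pass through unchanged).
    static String encodeNumeric(String input) {
        StringBuilder sb = new StringBuilder();
        for (char c : input.toCharArray()) {
            boolean alnum = (c >= '0' && c <= '9') || (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z');
            if (alnum) sb.append(c);
            else if (c < 256) sb.append(String.format("\\x%02X", (int) c));
            else sb.append(String.format("\\u%04X", (int) c));
        }
        return sb.toString();
    }

    // The escaping the Javadoc warns against: backslash character escapes.
    static String escapeWithBackslash(String input) {
        return input.replace("\\", "\\\\").replace("\"", "\\\"").replace("'", "\\'");
    }

    // What an HTML parser takes as the onmouseover value: everything up to the
    // first literal double quote. It knows nothing about JavaScript backslashes.
    static String attributeSeenByHtmlParser(String tag) {
        Matcher m = Pattern.compile("onmouseover=\"([^\"]*)\"").matcher(tag);
        return m.find() ? m.group(1) : null;
    }

    public static void main(String[] args) {
        String input = "x\" data-injected=\"1"; // constructed untrusted value
        for (String encoded : new String[] { escapeWithBackslash(input), encodeNumeric(input) }) {
            String tag = "<a onmouseover=\"show('" + encoded + "')\">";
            String seen = attributeSeenByHtmlParser(tag);
            System.out.println(tag);
            System.out.println("  handler as parsed: " + seen);
            System.out.println("  handler intact:    " + seen.endsWith("')"));
        }
    }
}
```

With backslash escapes the parsed handler is cut off at the first quote and the remainder of the input becomes separate attributes; with numeric encoding no literal quote reaches the markup and the handler stays whole.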