下面列出了怎么用org.apache.commons.lang.StringEscapeUtils的API类实例代码及写法,或者点击链接到github查看源代码。
/**
 * Creates a scanner over one RCFile fragment and resolves the bytes that represent NULL.
 *
 * <p>The NULL marker is read from the table option {@code NULL} and passed through
 * {@code StringEscapeUtils.unescapeJava}. When the result is empty, the bytes come from
 * {@code NullDatum.get().asTextBytes()} instead.
 *
 * @param conf     configuration forwarded to the superclass
 * @param schema   schema forwarded to the superclass
 * @param meta     table metadata forwarded to the superclass
 * @param fragment fragment whose start key and end key bound the scan
 * @throws IOException as declared; presumably raised by the superclass constructor
 */
public RCFileScanner(final Configuration conf, final Schema schema, final TableMeta meta, final FileFragment fragment)
        throws IOException {
    super(conf, meta, schema, fragment);

    this.start = fragment.getStartKey();
    // getEndKey() is added to start, so it is used here as a length.
    this.end = start + fragment.getEndKey();

    key = new LongWritable();
    column = new BytesRefArrayWritable();

    final String unescapedNull = StringEscapeUtils.unescapeJava(this.meta.getOption(NULL));
    if (!StringUtils.isEmpty(unescapedNull)) {
        // NOTE(review): getBytes() without a charset uses the platform default encoding,
        // so the NULL marker bytes can differ between hosts. Confirm this matches the
        // encoding of the data being scanned.
        nullChars = unescapedNull.getBytes();
    } else {
        nullChars = NullDatum.get().asTextBytes();
    }
}
/**
 * Overrides getParameter so that both the parameter name and its value are XSS-filtered.<br/>
 * To obtain the raw value, call super.getParameterValues(name).<br/>
 * getParameterNames, getParameterValues and getParameterMap may need to be overridden as well.
 *
 * <p>Parameters named "content" or ending in "WithHtml" are returned unfiltered while
 * {@code isIncludeRichText} is false.
 *
 * <p>NOTE(review): {@code escapeSql} only doubles single quotes. It is not a substitute for
 * bound parameters where the value is later used in a query, and it alters values that are
 * never sent to a database.
 */
@Override
public String getParameter(String name) {
    // A null name fails on endsWith, exactly as it always has for this wrapper.
    final boolean richTextField = "content".equals(name) || name.endsWith("WithHtml");
    if (richTextField && !isIncludeRichText) {
        return super.getParameter(name);
    }

    final String cleanedName = JsoupUtil.clean(name);
    final String rawValue = super.getParameter(cleanedName);
    if (!Strings.isNotBlank(rawValue)) {
        return rawValue;
    }

    // Strip HTML first, then double single quotes.
    final String htmlCleaned = JsoupUtil.clean(rawValue);
    return StringEscapeUtils.escapeSql(htmlCleaned);
}
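/**
 * Appends a name filter to {@code queryText}: one parenthesised group per whitespace-separated
 * token of {@code searchString}, each matching first name, last name or login with LIKE.
 *
 * <p>Groups are joined with AND. When the query has no WHERE clause yet, the first group opens
 * it and later groups still get AND, so a multi-token search produces valid SQL.
 *
 * <p>NOTE(review): the tokens are concatenated into the statement text. {@code escapeSql} only
 * doubles single quotes, and {@code %} and {@code _} inside a token still act as LIKE wildcards.
 * Binding the tokens as statement parameters at the call site is the robust fix, but it needs
 * a signature change outside this method. {@code userAlias} is appended verbatim and must
 * never come from request data.
 *
 * @param hasAWhereClause whether {@code queryText} already contains a WHERE clause
 * @param queryText       query under construction; modified in place
 * @param searchString    search text; must not be null
 * @param userAlias       SQL alias of the user table
 * @return always {@code true}
 */
private boolean buildNameSearch(boolean hasAWhereClause, StringBuilder queryText, String searchString,
        String userAlias) {
    if (!hasAWhereClause) {
        queryText.append(" WHERE ");
    }
    // The first group needs AND only when it extends an existing WHERE clause.
    boolean needsAnd = hasAWhereClause;
    for (String token : searchString.trim().split("\\s+")) {
        String escToken = StringEscapeUtils.escapeSql(token);
        if (needsAnd) {
            queryText.append(" AND ");
        }
        queryText.append(" (").append(userAlias).append(".first_name LIKE '%").append(escToken).append("%' OR ")
                .append(userAlias).append(".last_name LIKE '%").append(escToken).append("%' OR ").append(userAlias)
                .append(".login LIKE '%").append(escToken).append("%') ");
        needsAnd = true;
    }
    return true;
}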
/**
 * Resolves the name of the test that contains the given element.
 *
 * @param elt element to look up; may be null
 * @return the test name with Java-style escapes resolved, or null when any lookup step
 *         yields nothing
 */
@Nullable
public String findTestName(@Nullable PsiElement elt) {
    if (elt == null) {
        return null;
    }

    final DartCallExpression enclosingCall =
            findEnclosingTestCall(elt, getTestsFromOutline(elt.getContainingFile()));
    if (enclosingCall == null) {
        return null;
    }

    // The first argument of the test call is expected to be the name literal.
    final DartStringLiteralExpression nameLiteral =
            DartSyntax.getArgument(enclosingCall, 0, DartStringLiteralExpression.class);
    final String unquoted = nameLiteral == null ? null : DartSyntax.unquote(nameLiteral);

    // NOTE(review): the literal is Dart source but is decoded with Java escape rules.
    // Confirm the two agree for the names used in practice.
    return unquoted == null ? null : StringEscapeUtils.unescapeJava(unquoted);
}
/**
 * Returns the cell value for the given row and column.
 *
 * <p>The row object is treated as an {@code Object[]}. Column 2 holds a {@code BusinessGroup}
 * whose name is returned HTML-escaped. Columns 0, 1, 3 and 4 return the stored item unchanged.
 * Any other column yields the string "error".
 */
@Override
public Object getValueAt(final int row, final int col) {
    final Object[] rowData = (Object[]) getObject(row);
    // Indexed before the switch, so an out-of-range col fails here rather than reaching "error".
    final Object cell = rowData[col];

    switch (col) {
        case 0:
        case 1:
        case 3:
        case 4:
            return cell;
        case 2: {
            // The group name is the only free-text column, so it is escaped for HTML output.
            final String groupName = ((BusinessGroup) cell).getName();
            return StringEscapeUtils.escapeHtml(groupName).toString();
        }
        default:
            return "error";
    }
}
/**
 * Builds a facet query from the request: a match-all criteria, a date-range filter, facet
 * options, include/exclude field values, component filters and a cluster filter.
 *
 * <p>NOTE(review): {@code from} and {@code to} are placed into the range expression exactly as
 * received, and the include/exclude queries are XML-unescaped before use. Confirm these
 * request fields are validated upstream (for example as dates), because they become part of
 * the query string.
 */
@Override
public SimpleFacetQuery convert(SOURCE request) {
    // An empty bound falls back to the open-ended "*".
    final String lowerBound = StringUtils.isNotEmpty(request.getFrom()) ? request.getFrom() : "*";
    final String upperBound = StringUtils.isNotEmpty(request.getTo()) ? request.getTo() : "*";

    final Criteria matchAll = new SimpleStringCriteria("*:*");
    final SimpleFacetQuery query = new SimpleFacetQuery();
    query.addCriteria(matchAll);

    final SimpleFilterQuery dateRangeFilter = new SimpleFilterQuery();
    final String rangeExpression = getDateTimeField() + ":[" + lowerBound + " TO " + upperBound + "]";
    dateRangeFilter.addCriteria(new SimpleStringCriteria(rangeExpression));
    query.addFilterQuery(dateRangeFilter);

    final FacetOptions options = new FacetOptions();
    options.setFacetMinCount(1);
    options.setFacetSort(getFacetSort());
    options.setFacetLimit(-1);
    appendFacetOptions(options, request);

    addIncludeFieldValues(query, StringEscapeUtils.unescapeXml(request.getIncludeQuery()));
    addExcludeFieldValues(query, StringEscapeUtils.unescapeXml(request.getExcludeQuery()));

    query.setFacetOptions(options);
    query.setRows(0);

    addComponentFilters(query, request);
    appendFacetQuery(query, request);
    addInFilterQuery(query, CLUSTER, splitValueAsList(request.getClusters(), ","));
    return query;
}
/**
 * Compares the namespace id and cluster id supplied by the requester with those of the local
 * storage. On a mismatch it answers with 403 and logs a warning.
 *
 * <p>NOTE(review): when the storage-info parameter is absent the check is skipped and the
 * method returns {@code true}. Confirm callers intend a request without the parameter to be
 * accepted.
 *
 * <p>NOTE(review): the parameter is HTML-escaped before parsing. That does not remove line
 * breaks, so the values written by {@code LOG.warn} may still carry them. Confirm the logging
 * layout neutralises control characters.
 *
 * @return {@code true} when the parameter is absent or matches, {@code false} after an error
 *         response has been sent
 * @throws IOException if sending the error response fails
 */
private boolean checkStorageInfoOrSendError(JNStorage storage,
        HttpServletRequest request, HttpServletResponse response)
        throws IOException {
    final int localNsId = storage.getNamespaceID();
    final String localClusterId = storage.getClusterID();

    final String remoteStorageInfo =
            StringEscapeUtils.escapeHtml(request.getParameter(STORAGEINFO_PARAM));
    if (remoteStorageInfo == null) {
        return true;
    }

    final int remoteNsId = StorageInfo.getNsIdFromColonSeparatedString(remoteStorageInfo);
    final String remoteClusterId =
            StorageInfo.getClusterIdFromColonSeparatedString(remoteStorageInfo);
    if (localNsId == remoteNsId && localClusterId.equals(remoteClusterId)) {
        return true;
    }

    final String msg = "This node has namespaceId '" + localNsId + " and clusterId '"
            + localClusterId + "' but the requesting node expected '" + remoteNsId
            + "' and '" + remoteClusterId + "'";
    response.sendError(HttpServletResponse.SC_FORBIDDEN, msg);
    LOG.warn("Received an invalid request file transfer request from " +
            request.getRemoteAddr() + ": " + msg);
    return false;
}
/**
 * Formats a single value for display.
 *
 * <p>With quoting enabled, characters are wrapped in single quotes and strings in double
 * quotes, both with Java escapes applied. A {@code Class} is shown by its simple name.
 * Everything else goes through {@code String.valueOf}.
 */
@Override
public String scalar(Object value, Inspection options) {
    if (options.quote()) {
        if (value instanceof Character) {
            final char ch = (char) value;
            // The two quote characters get fixed spellings instead of going through escapeJava.
            if (ch == '\'') {
                return "'\\''";
            }
            if (ch == '"') {
                return "'\"'";
            }
            return "'" + StringEscapeUtils.escapeJava(String.valueOf(ch)) + "'";
        }
        if (value instanceof String) {
            return "\"" + StringEscapeUtils.escapeJava((String) value) + "\"";
        }
    }

    if (value instanceof Class) {
        // Short class names are usually enough
        return ((Class<?>) value).getSimpleName();
    }

    // everything else
    return String.valueOf(value);
}
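/**
 * Builds a JavaScript expression of the form {@code new Array(new Array("a","b"),...);} with
 * one inner array per glossary item, holding that item's markup strings.
 *
 * <p>An item without markup strings is rendered as {@code new Array()}. An opening quote is
 * emitted only together with a term, so the quotes in the result always balance.
 *
 * <p>NOTE(review): the terms are escaped with Java string rules. If the result is written into
 * an HTML script block, confirm the escaping also covers that context (commons-lang 2 provides
 * {@code escapeJavaScript} for JavaScript literals).
 *
 * @param glossaryItemArr glossary items to serialise
 * @return the JavaScript expression, terminated with a semicolon
 */
public static StringBuilder buildJSArrayString(ArrayList<GlossaryItem> glossaryItemArr) {
    StringBuilder sb = new StringBuilder();
    sb.append("new Array(");
    boolean firstItem = true;
    for (GlossaryItem glossaryItem : glossaryItemArr) {
        if (!firstItem) {
            sb.append(",");
        }
        firstItem = false;

        sb.append("new Array(");
        boolean firstTerm = true;
        for (String term : glossaryItem.getAllStringsToMarkup()) {
            if (!firstTerm) {
                sb.append(",");
            }
            firstTerm = false;
            sb.append("\"").append(StringEscapeUtils.escapeJava(term)).append("\"");
        }
        sb.append(")");
    }
    sb.append(");");
    return sb;
}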
/**
 * Returns the project name, XML-escaped.
 *
 * @return the escaped name, or null when {@code kost2} or its project is not set
 */
public String getProjektname()
{
    final boolean projectMissing = kost2 == null || kost2.getProjekt() == null;
    // Escaping happens here, so a view that escapes again would double-encode the name.
    return projectMissing ? null : StringEscapeUtils.escapeXml(kost2.getProjekt().getName());
}
/**
 * {@inheritDoc}
 *
 * <p>Shows the page for one bunch and, when the schedule button was dispatched, schedules a
 * single run of it.
 *
 * <p>NOTE(review): the "label" request parameter is stored as a request attribute and used in
 * a message key without escaping, so the view has to escape it on output. For the parent URL
 * the label is HTML-escaped, not URL-encoded. Confirm that matches how the URL is rendered
 * later.
 */
@Override
public ActionForward execute(ActionMapping mapping,
        ActionForm formIn,
        HttpServletRequest request,
        HttpServletResponse response) {
    final RequestContext requestContext = new RequestContext(request);
    final User currentUser = requestContext.getCurrentUser();
    final String label = request.getParameter("label");

    request.setAttribute("label", label);
    final String description = LocalizationService.getInstance().
            getMessage("bunch.jsp.description." + label);
    request.setAttribute("bunchdescription", description);

    if (requestContext.wasDispatched("bunch.edit.jsp.button-schedule")) {
        try {
            final Date scheduledFor =
                    new TaskomaticApi().scheduleSingleSatBunch(currentUser, label);
            final ActionMessages messages = new ActionMessages();
            final String formattedDate =
                    LocalizationService.getInstance().formatCustomDate(scheduledFor);
            messages.add(ActionMessages.GLOBAL_MESSAGE,
                    new ActionMessage("message.bunch.singlescheduled", label, formattedDate));
            saveMessages(request, messages);
        }
        catch (TaskomaticApiException e) {
            // The user gets a generic "taskomatic down" message; the exception is not logged.
            createErrorMessage(request,
                    "repos.jsp.message.taskomaticdown", null);
        }
    }

    final ListHelper listHelper = new ListHelper(this, request);
    listHelper.setListName(LIST_NAME);
    listHelper.setParentUrl(request.getRequestURI() + "?label=" +
            StringEscapeUtils.escapeHtml(label));
    listHelper.execute();
    return mapping.findForward(RhnHelper.DEFAULT_FORWARD);
}
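/**
 * Checks {@code escapeHtml} on null, empty, blank and markup-bearing input.
 */
public void testToHtml() {
    assertEquals(null, StringEscapeUtils.escapeHtml(null));
    assertEquals("", StringEscapeUtils.escapeHtml(""));
    assertEquals(" ", StringEscapeUtils.escapeHtml(" "));
    // The expected values must be the entity forms. Comparing against the raw input would only
    // pass if nothing were escaped.
    assertEquals("q &amp; a", StringEscapeUtils.escapeHtml("q & a"));
    assertEquals("q &amp; a &lt;&gt; b", StringEscapeUtils.escapeHtml("q & a <> b"));
}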
/**
 * Renders the cell as a {@code <span>} with an icon CSS class and, when a hover text exists,
 * a {@code title} attribute.
 *
 * <p>Only the hover text is HTML-escaped here.
 * NOTE(review): the results of {@code getCssClass} and {@code getCellValue} are written as-is.
 * Confirm both return markup-safe values.
 *
 * @param target     output to append to
 * @param cellValue  value of the cell being rendered
 * @param translator translator used to resolve the hover text
 */
@Override
public void render(StringOutput target, Object cellValue, Translator translator) {
    target.append("<span class=\"b_small_icon ");
    target.append(getCssClass(cellValue));

    final String tooltip = getHoverText(cellValue, translator);
    final boolean hasTooltip = StringHelper.containsNonWhitespace(tooltip);
    if (hasTooltip) {
        // Closes the class attribute and opens the title attribute.
        target.append("\" title=\"");
        target.append(StringEscapeUtils.escapeHtml(tooltip));
    }

    target.append("\">");
    target.append(getCellValue(cellValue));
    target.append("</span>");
}
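/**
 * Renders the header of the current section: the title (when titles are displayed), the
 * section objectives, and a "next" button when the menu is disabled and items are shown in
 * item-page sequence.
 *
 * <p>The button label is wrapped in a properly closed {@code <span>} element.
 *
 * <p>NOTE(review): the output of {@code objectives.render} is appended without escaping.
 * Confirm it is produced as safe markup.
 *
 * @param sb         output to append to
 * @param sc         section to render; nothing is written when null
 * @param ai         assessment instance supplying display settings, resolver and context
 * @param comp       component supplying the menu display configuration
 * @param ubu        URL builder for the button target
 * @param translator translator for the button label
 */
private void displaySectionInfo(final StringOutput sb, final SectionContext sc, final AssessmentInstance ai, final IQComponent comp, final URLBuilder ubu,
        final Translator translator) {
    // display the sectionInfo
    if (sc == null) {
        return;
    }
    if (ai.isDisplayTitles()) {
        sb.append("<h3>" + StringEscapeUtils.escapeHtml(sc.getTitle()) + "</h3>");
    }

    final Objectives objectives = sc.getObjectives();
    if (objectives != null) {
        final StringBuilder sbTmp = new StringBuilder();
        final Resolver resolver = ai.getResolver();
        final RenderInstructions ri = new RenderInstructions();
        ri.put(RenderInstructions.KEY_STATICS_PATH, resolver.getStaticsBaseURI() + "/");
        objectives.render(sbTmp, ri);
        sb.append(sbTmp);
    }

    // When the menu is disabled and items are shown one per page, offer a button that
    // navigates to the first question of the current section.
    final IQMenuDisplayConf menuDisplayConfig = comp.getMenuDisplayConf();
    if (!menuDisplayConfig.isEnabledMenu() && menuDisplayConfig.isItemPageSequence()) {
        sb.append("<a class=\"b_button\" onclick=\"return o2cl()\" href=\"");
        ubu.buildURI(sb, new String[] { VelocityContainer.COMMAND_ID }, new String[] { "git" });
        final AssessmentContext ac = ai.getAssessmentContext();
        final int sectionPos = ac.getCurrentSectionContextPos();
        sb.append("?itid=" + 0 + "&seid=" + sectionPos);
        final String title = StringEscapeUtils.escapeHtml(translator.translate("next"));
        sb.append("\" title=\"" + title + "\">");
        // The closing tag has to match the opening <span>.
        sb.append("<span>").append(title).append("</span>");
        sb.append("</a>");
    }
}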
/**
 * Builds the context-help link for a help page. The result is empty when context help is
 * disabled.
 *
 * <p>Only the translated hover text is HTML-escaped.
 * NOTE(review): {@code packageName} and {@code pageName} are written into a JavaScript string
 * inside an {@code href} attribute without escaping. Confirm callers pass fixed identifiers
 * only.
 *
 * @param packageName  package segment of the help URL
 * @param pageName     page segment of the help URL
 * @param hoverTextKey translation key of the link title
 * @return the rendered link, or an empty output
 */
public StringOutput contextHelp(String packageName, String pageName, String hoverTextKey) {
    final StringOutput out = new StringOutput(100);
    if (!ContextHelpModule.isContextHelpEnabled()) {
        return out;
    }

    String hoverText = renderer.getTranslator().translate(hoverTextKey);
    if (hoverText != null) {
        hoverText = StringEscapeUtils.escapeHtml(hoverText);
    }
    final String langCode = renderer.getTranslator().getLocale().toString();

    out.append("<a href=\"javascript:contextHelpWindow('");
    Renderer.renderNormalURI(out, "help/");
    out.append(langCode).append("/").append(packageName).append("/").append(pageName);
    out.append("')\" title=\"").append(hoverText).append("\" class=\"b_contexthelp\"></a>");
    return out;
}
/**
 * Wraps a label in double quotes with Java escapes applied. Labels longer than 14 characters
 * that contain commas get a line break after each comma first.
 *
 * @param label text to wrap; must not be null
 * @return the quoted, escaped label
 */
private static String wrapSafeString(String label) {
    final boolean breakAfterCommas = label.indexOf(',') >= 0 && label.length() > 14;
    final String text = breakAfterCommas ? label.replace(",", ",\n") : label;
    // Escaping runs after the line breaks are inserted, so they come out as the two characters \n.
    return "\"" + StringEscapeUtils.escapeJava(text) + "\"";
}
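/**
 * Extracts the quoted statement text that starts at {@code offset} and registers it on the
 * connection's prepare holder under {@code name}.
 *
 * <p>The character at {@code offset} is taken as the quote character and its last occurrence
 * in {@code stmt} as the closing quote. Input with an out-of-range offset or no closing quote
 * after the opening one is reported as {@code OTHER} instead of failing with an index
 * exception, because the statement text comes from the client.
 *
 * <p>NOTE(review): the extracted text is decoded with Java escape rules, which are not the
 * same as SQL string escapes. {@code unescapeJava} may also throw on a malformed unicode
 * escape, so confirm the caller handles that.
 *
 * @param stmt   full statement text
 * @param offset index of the opening quote
 * @param c      connection whose prepare holder receives the name and statement
 * @param name   name of the prepared statement
 * @return {@code PREPARE} on success, {@code OTHER} when the statement does not have the
 *         expected shape
 */
private static int parseStmtFrom(String stmt, int offset, ServerConnection c, String name) {
    if (offset < 0 || offset >= stmt.length()) {
        return OTHER;
    }
    final char quote = stmt.charAt(offset);
    final int closing = stmt.lastIndexOf(quote);
    if (closing <= offset) {
        // The opening quote is the only occurrence, so there is nothing to extract.
        return OTHER;
    }

    final String exestmt = StringEscapeUtils.unescapeJava(stmt.substring(offset + 1, closing));

    // Nothing but whitespace or comments may follow the closing quote.
    final int tail = skipSpaceAndComment(stmt, closing);
    if (tail + 1 != stmt.length()) {
        return OTHER;
    }
    c.getSptPrepare().setName(name);
    c.getSptPrepare().setExePrepare(exestmt, false);
    return PREPARE;
}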
/**
 * {@inheritDoc}
 *
 * <p>Looks up the package named by the required "pid" parameter for the current user and
 * exposes its change log, HTML-escaped and split into lines, as a request attribute.
 *
 * <p>NOTE(review): the change log is escaped here, so the view must not escape it a second
 * time. "package_name" is stored unescaped and has to be escaped by the view.
 */
@Override
public ActionForward execute(ActionMapping mapping,
        ActionForm formIn,
        HttpServletRequest request,
        HttpServletResponse response) {
    final RequestContext context = new RequestContext(request);
    final User currentUser = context.getCurrentUser();
    long pid = context.getRequiredParam("pid");

    final Package pkg = PackageFactory.lookupByIdAndUser(pid, currentUser);
    // show permission error if pid is invalid like we did before
    if (pkg == null) {
        throw new PermissionException("Invalid pid");
    }

    final String rawChangelog = PackageManager.getPackageChangeLog(pkg);
    final String[] changes = rawChangelog == null
            ? null
            : StringEscapeUtils.escapeHtml(rawChangelog).split("\n");
    request.setAttribute("changelog", changes);

    request.setAttribute("pid", pid);
    request.setAttribute("package_name", pkg.getFilename());
    return mapping.findForward(RhnHelper.DEFAULT_FORWARD);
}
/**
 * Adds one entry to the list of dropdown options.
 *
 * <p>The submitted value is HTML-escaped. The display text comes from the resource bundle and
 * is stored as returned.
 *
 * @param options list receiving the new option
 * @param key     resource bundle key used as the display value
 * @param value   value to be submitted with the form
 * @param flag    when true, the display text is prefixed with an asterisk (*) to mark the
 *                item as not synced
 */
public void addOption(List<Map<String, String>> options, String key, String value,
        boolean flag) {
    final LocalizationService localization = LocalizationService.getInstance();
    final String marker = flag ? "*" : "";

    final Map<String, String> option = new HashMap<String, String>();
    option.put("display", marker + localization.getMessage(key));
    option.put("value", StringEscapeUtils.escapeHtml(value));
    options.add(option);
}
/**
 * Renders a frame widget: fills the "frame" snippet with the HTML-escaped widget label,
 * applies the color tags and appends the result to {@code sb}.
 *
 * @return the children of the frame
 * @throws RenderException as declared by the renderer contract
 */
@Override
public EList<Widget> renderWidget(Widget w, StringBuilder sb) throws RenderException {
    final String template = getSnippet("frame");
    // The label is escaped before it is placed into the markup template.
    final String escapedLabel = StringEscapeUtils.escapeHtml(itemUIRegistry.getLabel(w));
    final String withLabel = StringUtils.replace(template, "%label%", escapedLabel);

    // Process the color tags
    sb.append(processColor(w, withLabel));
    return itemUIRegistry.getChildren((Frame) w);
}
/**
 * Checks that {@code SipBuilder.es} maps null to the empty string and otherwise agrees with
 * {@code StringEscapeUtils.escapeXml}.
 */
@Test
public final void testEs() {
    final String missing = null;
    assertEquals("", SipBuilder.es(missing));

    // The sample contains a declaration, attributes and a comment, so quotes and angle
    // brackets are all covered.
    final String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><test id=\"1\"><!-- PRI_LOW = 1000; PRI_NRML = 100; PRI_HI = 0; --><priority>100</priority></test>";
    final String expected = StringEscapeUtils.escapeXml(xml);
    assertEquals(expected, SipBuilder.es(xml));
}
/**
 * {@inheritDoc}
 *
 * <p>Prepares the "disable user" page. Only callers holding the org admin role get past the
 * ACL check. When the target user is already disabled, an error message carrying the
 * HTML-escaped login is queued.
 */
public ActionForward execute(ActionMapping mapping,
        ActionForm formIn,
        HttpServletRequest request,
        HttpServletResponse response) {
    final RequestContext context = new RequestContext(request);

    final boolean isOrgAdmin = AclManager.hasAcl("user_role(org_admin)", request, null);
    if (!isOrgAdmin) {
        //Throw an exception with a nice error message so the user
        //knows what went wrong.
        final LocalizationService localization = LocalizationService.getInstance();
        final PermissionException denied =
                new PermissionException("Only Org Admins can disable users");
        denied.setLocalizedTitle(localization.getMessage("permission.jsp.title.disableuser"));
        denied.setLocalizedSummary(localization.getMessage("permission.jsp.summary.disableuser"));
        throw denied;
    }

    final Long uid = context.getRequiredParam("uid");
    // The lookup is made on behalf of the current user.
    final User target = UserManager.lookupUser(context.getCurrentUser(), uid);
    request.setAttribute(RhnHelper.TARGET_USER, target);

    if (target.isDisabled()) {
        final ActionMessages messages = new ActionMessages();
        final String escapedLogin = StringEscapeUtils.escapeHtml(target.getLogin());
        messages.add(ActionMessages.GLOBAL_MESSAGE,
                new ActionMessage("userdisable.error.userdisabled", escapedLogin));
        getStrutsDelegate().saveMessages(request, messages);
    }
    return mapping.findForward(RhnHelper.DEFAULT_FORWARD);
}
/**
 * Writes the harvest result at position {@code ix} of the chain as a
 * {@code <wct:HarvestResult>} element, then recurses into the next position inside
 * {@code <wct:DerivedFrom>}.
 *
 * <p>User name, provenance note and modification notes are XML-escaped. The creation date is
 * written as produced by the date formatter.
 *
 * @param ix index into the chain
 * @throws JspException as declared by the tag contract
 * @throws IOException  if writing to the page fails
 */
public void doIt(int ix) throws JspException, IOException {
    final JspWriter out = pageContext.getOut();
    final HarvestResult current = chain.get(ix);

    out.println("<wct:HarvestResult>");

    out.print("<wct:Creator>");
    out.print(StringEscapeUtils.escapeXml(current.getCreatedBy().getUsername()) + " " + ix + "/" + chain.size());
    out.println("</wct:Creator>");

    out.print("<wct:CreationDate>");
    out.print(dateFormatter.format(current.getCreationDate()));
    out.println("</wct:CreationDate>");

    out.print("<wct:ProvenanceNote>");
    out.print(StringEscapeUtils.escapeXml(current.getProvenanceNote()));
    out.println("</wct:ProvenanceNote>");

    if (!current.getModificationNotes().isEmpty()) {
        out.println("<wct:ModificationNotes>");
        for (String modificationNote : current.getModificationNotes()) {
            out.print("<wct:ModificationNote>");
            out.print(StringEscapeUtils.escapeXml(modificationNote));
            out.println("</wct:ModificationNote>");
        }
        out.println("</wct:ModificationNotes>");
    }

    // One nesting level per remaining chain entry.
    final int next = ix + 1;
    if (next < chain.size()) {
        out.println("<wct:DerivedFrom>");
        doIt(next);
        out.println("</wct:DerivedFrom>");
    }

    out.println("</wct:HarvestResult>");
}
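/**
 * Appends a name filter to {@code sqlBuilder}: one parenthesised group per whitespace-separated
 * token of {@code searchString}, each matching first name, last name or login name with LIKE.
 * Nothing is appended for a blank search string.
 *
 * <p>The first group opens the WHERE clause and later groups are joined with AND, so a
 * multi-token search produces a single valid clause.
 *
 * <p>NOTE(review): the tokens are concatenated into the statement text. {@code escapeSql} only
 * doubles single quotes, and {@code %} and {@code _} inside a token still act as LIKE wildcards.
 * Binding the tokens as statement parameters at the call site is the robust fix, but it needs
 * a signature change outside this method.
 *
 * @param searchString search text; may be null or blank
 * @param sqlBuilder   statement under construction; modified in place
 */
private void buildNameSearch(String searchString, StringBuilder sqlBuilder) {
    if (StringUtils.isBlank(searchString)) {
        return;
    }
    String connector = " WHERE (";
    for (String token : searchString.trim().split("\\s+")) {
        String escToken = StringEscapeUtils.escapeSql(token);
        sqlBuilder.append(connector).append("user.first_name LIKE '%").append(escToken)
                .append("%' OR user.last_name LIKE '%").append(escToken).append("%' OR user.login_name LIKE '%")
                .append(escToken).append("%') ");
        // Every group after the first narrows the same WHERE clause.
        connector = " AND (";
    }
}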
/**
 * Formats a source/sink pair as one row: both values are normalised (when a normaliser is
 * set), Java-escaped, and joined with a NUL character.
 *
 * @param source source value
 * @param sink   sink value
 * @return the escaped source and sink, separated by {@code "\0"}
 */
protected String formatRow(String source, String sink) {
    final boolean hasNormalizer = normalizer != null;
    final String normalizedSource = hasNormalizer ? normalizer.normalize(source) : source;
    final String normalizedSink = hasNormalizer ? normalizer.normalize(sink) : sink;

    // Both fields are escaped before being joined with the NUL separator.
    final String escapedSource = StringEscapeUtils.escapeJava(normalizedSource);
    final String escapedSink = StringEscapeUtils.escapeJava(normalizedSink);
    return escapedSource + "\0" + escapedSink;
}
/**
 * Returns the text to index: the field text run through {@code HtmlHandler.getParsedText} and
 * then HTML-unescaped.
 *
 * <p>NOTE(review): unescaping turns entities such as {@code &lt;} back into markup characters.
 * The result is suitable for indexing and has to be escaped again before it is shown in a page.
 *
 * @return the text field to index
 */
@Override
public String getIndexeableFieldValue() {
    final String parsedText = new HtmlHandler().getParsedText(super.getText());
    return StringEscapeUtils.unescapeHtml(parsedText);
}
/**
 * Describes the running query: host, settings and time elapsed since the current call began.
 *
 * <p>Only the query text is HTML-escaped.
 * NOTE(review): the other fields (owner, name, parameters) are appended as-is, and HTML
 * escaping does not remove line breaks. If this string is written to logs or pages, confirm
 * the sink encodes it for its own context.
 */
@Override
public String toString() {
    final String host = System.getProperty("jboss.host.name");
    final StringBuilder text = new StringBuilder();
    text.append("host:").append(host);
    text.append(", id:").append(this.getSettings().getId());
    text.append(", query:").append(StringEscapeUtils.escapeHtml(this.getSettings().getQuery()));
    text.append(", auths:").append(this.getSettings().getQueryAuthorizations());
    text.append(", user:").append(this.getSettings().getOwner());
    text.append(", queryLogic:").append(this.getSettings().getQueryLogicName());
    text.append(", name:").append(this.getSettings().getQueryName());
    text.append(", pagesize:").append(this.getSettings().getPagesize());
    text.append(", begin:").append(this.getSettings().getBeginDate());
    text.append(", end:").append(this.getSettings().getEndDate());
    text.append(", expiration:").append(this.getSettings().getExpirationDate());
    text.append(", params: ").append(this.getSettings().getParameters());
    // A call time of 0 means no call is in progress, so the elapsed time is reported as 0.
    text.append(", callTime: ")
            .append((this.getTimeOfCurrentCall() == 0) ? 0 : System.currentTimeMillis() - this.getTimeOfCurrentCall());
    return text.toString();
}
/**
 * {@inheritDoc}
 *
 * <p>Prepares the "enable user" page. Only callers holding the org admin role get past the
 * ACL check. When the target user is not disabled, an error message carrying the HTML-escaped
 * login is queued.
 */
public ActionForward execute(ActionMapping mapping,
        ActionForm formIn,
        HttpServletRequest request,
        HttpServletResponse response) {
    final boolean isOrgAdmin = AclManager.hasAcl("user_role(org_admin)", request, null);
    if (!isOrgAdmin) {
        //Throw an exception with a nice error message so the user
        //knows what went wrong.
        final LocalizationService localization = LocalizationService.getInstance();
        final PermissionException denied =
                new PermissionException("Only org admin's can reactivate users");
        denied.setLocalizedTitle(localization.getMessage("permission.jsp.title.enableuser"));
        denied.setLocalizedSummary(localization.getMessage("permission.jsp.summary.enableuser"));
        throw denied;
    }

    final RequestContext context = new RequestContext(request);
    final Long uid = context.getRequiredParam("uid");
    // The lookup is made on behalf of the current user.
    final User target = UserManager.lookupUser(context.getCurrentUser(), uid);
    request.setAttribute(RhnHelper.TARGET_USER, target);

    if (!target.isDisabled()) {
        final ActionMessages messages = new ActionMessages();
        final String escapedLogin = StringEscapeUtils.escapeHtml(target.getLogin());
        messages.add(ActionMessages.GLOBAL_MESSAGE,
                new ActionMessage("userenable.error.usernotdisabled", escapedLogin));
        getStrutsDelegate().saveMessages(request, messages);
    }
    return mapping.findForward(RhnHelper.DEFAULT_FORWARD);
}
/**
 * Writes a string value as a quoted JSON string. When HTML encoding is enabled in the
 * configuration, the value is HTML-escaped before it is JSON-quoted.
 *
 * @param v value to write; must not be null
 * @throws IOException if writing the data fails
 */
public void value(String v) throws IOException {
    final StringBuilder quoted = new StringBuilder(v.length());
    quoted.append('\"');
    // TODO: remove when JENKINS-45099 has been fixed correctly in upstream stapler
    final String payload = config.isHtmlEncode() ? StringEscapeUtils.escapeHtml(v) : v;
    // HTML escaping (if any) comes first, JSON quoting second.
    jsonEncoder.quoteAsString(payload, quoted);
    quoted.append('\"');
    data(quoted.toString());
}
/**
 * Renders one row of a selection widget into {@code rowSB} and reports the label of the row
 * when it corresponds to the current state.
 *
 * <p>Command and label are HTML-escaped before they are placed into the row snippet.
 * NOTE(review): the item name replaces {@code %item%} without escaping, and the returned label
 * is the unescaped one. Confirm item names are restricted to safe characters and that callers
 * escape the returned value before output.
 *
 * @param w     selection widget being rendered
 * @param lab   label of the row; may be null
 * @param cmd   command of the row; null is treated as the empty string
 * @param item  item behind the widget
 * @param state current state of the item
 * @param rowSB output receiving the rendered row
 * @return the label when the state matches the command, otherwise null
 * @throws RenderException as declared by the renderer contract
 */
private String buildRow(Selection w, String lab, String cmd, Item item, State state, StringBuilder rowSB)
        throws RenderException {
    String row = getSnippet("selection_row");
    String command = (cmd == null) ? "" : cmd;
    String label = lab;

    final boolean hasDimension = item instanceof NumberItem && ((NumberItem) item).getDimension() != null;
    if (hasDimension) {
        // Resolve the unit placeholder in both the command and the label.
        final String unit = getUnitForWidget(w);
        command = StringUtils.replace(command, UnitUtils.UNIT_PLACEHOLDER, unit);
        label = StringUtils.replace(label, UnitUtils.UNIT_PLACEHOLDER, unit);
    }

    final String itemName = w.getItem() != null ? w.getItem() : "";
    final String escapedLabel = (label == null) ? "" : StringEscapeUtils.escapeHtml(label);
    row = StringUtils.replace(row, "%item%", itemName);
    row = StringUtils.replace(row, "%cmd%", StringEscapeUtils.escapeHtml(command));
    row = StringUtils.replace(row, "%label%", escapedLabel);

    // Convert the item state to the command value for proper comparison and "checked"
    // attribute calculation.
    State comparableState = state;
    if (state instanceof QuantityType) {
        comparableState = convertStateToLabelUnit((QuantityType<?>) state, command);
    }

    final boolean selected = comparableState.toString().equals(command);
    row = StringUtils.replace(row, "%checked%", selected ? "checked=\"true\"" : "");

    rowSB.append(row);
    return selected ? label : null;
}