Author: tv
Date: Sat Jan 23 17:55:51 2016
New Revision: 1726424
URL: http://svn.apache.org/viewvc?rev=1726424&view=rev
Log:
Remove dependency on Jakarta ECS
Modified:
turbine/core/trunk/src/java/org/apache/turbine/util/InputFilterUtils.java
Modified:
turbine/core/trunk/src/java/org/apache/turbine/util/InputFilterUtils.java
URL:
http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/util/InputFilterUtils.java?rev=1726424&r1=1726423&r2=1726424&view=diff
==============================================================================
--- turbine/core/trunk/src/java/org/apache/turbine/util/InputFilterUtils.java
(original)
+++ turbine/core/trunk/src/java/org/apache/turbine/util/InputFilterUtils.java
Sat Jan 23 17:55:51 2016
@@ -21,9 +21,8 @@ package org.apache.turbine.util;
*/
-import org.apache.ecs.Entities;
-
-import org.apache.ecs.filter.CharacterFilter;
+import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.commons.lang.StringUtils;
/**
* Some filter methods that have been orphaned in the Screen class.
@@ -36,12 +35,6 @@ import org.apache.ecs.filter.CharacterFi
public abstract class InputFilterUtils
{
- /** A HtmlFilter Object for the normal input filter */
- private static final CharacterFilter filter = htmlFilter();
-
- /** A HtmlFilter Object for the minimal input filter */
- private static final CharacterFilter minFilter = htmlMinFilter();
-
/**
* This function can/should be used in any screen that will output
* User entered text. This will help prevent users from entering
@@ -52,7 +45,7 @@ public abstract class InputFilterUtils
*/
public static String prepareText(String s)
{
- return filter.process(s);
+ return StringEscapeUtils.escapeHtml(s);
}
/**
@@ -65,42 +58,12 @@ public abstract class InputFilterUtils
*/
public static String prepareTextMinimum(String s)
{
- return minFilter.process(s);
- }
-
- /**
- * These attributes are supposed to be the default, but they are
- * not, at least in ECS 1.2. Include them all just to be safe.
- *
- * @return A CharacterFilter to do HTML filtering.
- */
- private static CharacterFilter htmlFilter()
- {
- CharacterFilter filter = new CharacterFilter();
- filter.addAttribute("\"", Entities.QUOT);
- filter.addAttribute("'", Entities.LSQUO);
- filter.addAttribute("&", Entities.AMP);
- filter.addAttribute("<", Entities.LT);
- filter.addAttribute(">", Entities.GT);
- return filter;
- }
-
- /*
- * We would like to filter user entered text that might be
- * dynamically added, using javascript for example. But we do not
- * want to filter all the above chars, so we will just disallow
- * <.
- *
- * @return A CharacterFilter to do minimal HTML filtering.
- */
- private static CharacterFilter htmlMinFilter()
- {
- CharacterFilter filter = new CharacterFilter();
- filter.removeAttribute(">");
- filter.removeAttribute("\"");
- filter.removeAttribute("'");
- filter.removeAttribute("&");
- filter.addAttribute("<", Entities.LT);
- return filter;
+ /*
+ * We would like to filter user entered text that might be
+ * dynamically added, using javascript for example. But we do not
+ * want to filter all the above chars, so we will just disallow
+ * <.
+ */
+ return StringUtils.replace(s, "<", "<");
}
}
