Author: toad
Date: 2007-04-27 15:21:40 +0000 (Fri, 27 Apr 2007)
New Revision: 13010

Modified:
   trunk/freenet/src/freenet/clients/http/DarknetConnectionsToadlet.java
   trunk/freenet/src/freenet/l10n/L10n.java
   trunk/freenet/src/freenet/support/HTMLNode.java
Log:
Don't allow arbitrary HTML in those strings, add a utility method

Modified: trunk/freenet/src/freenet/clients/http/DarknetConnectionsToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/DarknetConnectionsToadlet.java       
2007-04-27 15:13:19 UTC (rev 13009)
+++ trunk/freenet/src/freenet/clients/http/DarknetConnectionsToadlet.java       
2007-04-27 15:21:40 UTC (rev 13010)
@@ -605,13 +605,13 @@
                HTMLNode referenceInfobox = contentNode.addChild("div", 
"class", "infobox infobox-normal");
                HTMLNode headerReferenceInfobox = 
referenceInfobox.addChild("div", "class", "infobox-header");
                // FIXME better way to deal with this sort of thing???
-               headerReferenceInfobox.addChild("%", 
L10n.getString("DarknetConnectionsToadlet.myReferenceHeader", 
+               L10n.addL10nSubstitution(headerReferenceInfobox, 
"DarknetConnectionsToadlet.myReferenceHeader",
                                new String[] { "linkref", "/linkref", 
"linktext", "/linktext" },
-                               new String[] { "<a href=\"myref.fref\">", 
"</a>", "<a href=\"myref.txt\">", "</a>" }));
+                               new String[] { "<a href=\"myref.fref\">", 
"</a>", "<a href=\"myref.txt\">", "</a>" });
                HTMLNode warningSentence = 
headerReferenceInfobox.addChild("pre");
-               warningSentence.addChild("%", 
L10n.getString("DarknetConnectionsToadlet.referenceCopyWarning",
+               L10n.addL10nSubstitution(warningSentence, 
"DarknetConnectionsToadlet.referenceCopyWarning",
                                new String[] { "bold", "/bold" },
-                               new String[] { "<b>", "</b>" }));
+                               new String[] { "<b>", "</b>" });
                referenceInfobox.addChild("div", "class", 
"infobox-content").addChild("pre", "id", "reference", 
node.exportPublicFieldSet().toString());

                // our ports

Modified: trunk/freenet/src/freenet/l10n/L10n.java
===================================================================
--- trunk/freenet/src/freenet/l10n/L10n.java    2007-04-27 15:13:19 UTC (rev 
13009)
+++ trunk/freenet/src/freenet/l10n/L10n.java    2007-04-27 15:21:40 UTC (rev 
13010)
@@ -11,6 +11,7 @@
 import java.util.MissingResourceException;

 import freenet.clients.http.TranslationToadlet;
+import freenet.support.HTMLEncoder;
 import freenet.support.HTMLNode;
 import freenet.support.Logger;
 import freenet.support.SimpleFieldSet;
@@ -348,4 +349,19 @@
                        return translationOverride.get(key) != null; 
                }
        }
+       
+       /**
+        * Add a localised string with some raw HTML substitutions
+        * @param key The L10n key.
+        * @param patterns The strings to search for.
+        * @param values The strings to substitute in.
+        */
+       public static void addL10nSubstitution(HTMLNode node, String key, 
String[] patterns, String[] values) {
+               String result = HTMLEncoder.encode(getString(key));
+               assert(patterns.length == values.length);
+               for(int i=0; i<patterns.length; i++)
+                       result = result.replaceAll("\\$\\{"+patterns[i]+"\\}", 
quoteReplacement(values[i]));
+               node.addChild("%", result);
+       }
+
 }
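Review bot: The `values` array is spliced in after `HTMLEncoder.encode` has run and the result is added through `addChild("%", result)`, so `values` still reach the page as raw markup. The Javadoc on `addL10nSubstitution` should say that `values` must be hard-coded HTML and never data from a peer, a request or a translation file, and it is also missing `@param node`. The length check is an `assert`, which does nothing unless the JVM runs with `-ea`, so mismatched arrays would either throw `ArrayIndexOutOfBoundsException` or silently drop values; `if(patterns.length != values.length) throw new IllegalArgumentException("patterns/values length mismatch");` makes it unconditional. `patterns[i]` is concatenated into the regex unescaped, which is fine for the plain identifiers passed by the callers in this commit but should be documented as a constraint. `quoteReplacement` is not defined in this hunk, so presumably it is an existing helper in `L10n`.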

Modified: trunk/freenet/src/freenet/support/HTMLNode.java
===================================================================
--- trunk/freenet/src/freenet/support/HTMLNode.java     2007-04-27 15:13:19 UTC 
(rev 13009)
+++ trunk/freenet/src/freenet/support/HTMLNode.java     2007-04-27 15:21:40 UTC 
(rev 13010)
@@ -9,6 +9,8 @@
 import java.util.Map;
 import java.util.Set;

+import freenet.l10n.L10n;
+
 public class HTMLNode {

        protected final String name;
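Review bot: The added `import freenet.l10n.L10n;` has no use in this hunk, and no other hunk touches `HTMLNode.java`, so it looks unused in this revision. The log mentions a utility method, but that method was added to `L10n`, not here. Since `L10n` already imports `freenet.support.HTMLNode`, this import also makes the two packages depend on each other. I would drop it until `HTMLNode` actually calls into `L10n`.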

