Coverage report

  %line %branch
org.apache.turbine.util.InputFilterUtils
0% 
0% 

 package org.apache.turbine.util;
 
 /*
  * Copyright 2001-2005 The Apache Software Foundation.
  *
  * Licensed under the Apache License, Version 2.0 (the "License")
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 
 import org.apache.ecs.Entities;
 
 import org.apache.ecs.filter.CharacterFilter;
 
 /**
  * Some filter methods that have been orphaned in the Screen class.
  *
  *
  * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
  * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
  * @version $Id: InputFilterUtils.java 264148 2005-08-29 14:21:04Z henning $
  */
 
 public abstract class InputFilterUtils
 {
     /**
      * Filter applied by {@link #prepareText(String)}. It is built once,
      * when this class is initialised, and shared by every caller.
      */
     private static final CharacterFilter FULL_FILTER = htmlFilter();

     /**
      * Filter applied by {@link #prepareTextMinimum(String)}. It is built
      * once, when this class is initialised, and shared by every caller.
      */
     private static final CharacterFilter MINIMAL_FILTER = htmlMinFilter();

     /**
      * Encodes user-supplied text before a screen writes it into an HTML
      * page, so that markup typed by a user (for example a
      * {@code <SCRIPT>} tag) is shown as text instead of being interpreted
      * by the browser.
      *
      * <p>The characters {@code "}, {@code '}, {@code &}, {@code <} and
      * {@code >} are replaced with the corresponding ECS {@code Entities}
      * values. The apostrophe is mapped to {@code Entities.LSQUO}, which by
      * its name is a typographic left single quote rather than an
      * apostrophe escape, so the returned text may not round-trip.
      *
      * <p>NOTE(review): this is HTML entity encoding only. Values placed
      * into script blocks, URLs or style attributes need encoding for that
      * context. {@code null} is passed straight to the filter; what it does
      * with it is not visible here.
      *
      * @param s The user-entered string to encode.
      * @return The string produced by the full filter.
      */
     public static String prepareText(String s)
     {
         final String encoded = FULL_FILTER.process(s);
         return encoded;
     }

     /**
      * Applies the minimal filter to user-supplied text, for text that may
      * be added to a page dynamically (for example from javascript) and
      * where the full replacement set of {@link #prepareText(String)} is
      * not wanted.
      *
      * <p>Only {@code <} is replaced. {@code >}, {@code "}, {@code '} and
      * {@code &} are returned unchanged, so the result must not be written
      * into an HTML attribute value, a script block or a URL, and entity
      * references already present in the input are not neutralised. Prefer
      * {@link #prepareText(String)} unless the reduced set is required.
      *
      * @param s The user-entered string to encode.
      * @return The string produced by the minimal filter.
      */
     public static String prepareTextMinimum(String s)
     {
         final String encoded = MINIMAL_FILTER.process(s);
         return encoded;
     }

     /**
      * Builds the full filter. The five mappings are registered explicitly
      * because, although they are meant to be the defaults of
      * {@code CharacterFilter}, they were found not to be, at least in
      * ECS 1.2.
      *
      * @return A CharacterFilter to do HTML filtering.
      */
     private static CharacterFilter htmlFilter()
     {
         CharacterFilter full = new CharacterFilter();

         // Quote characters: these are what allow breaking out of an
         // attribute value.
         full.addAttribute("\"", Entities.QUOT);
         full.addAttribute("'", Entities.LSQUO);

         // Ampersand, then the two tag delimiters.
         full.addAttribute("&", Entities.AMP);
         full.addAttribute("<", Entities.LT);
         full.addAttribute(">", Entities.GT);

         return full;
     }

     /**
      * Builds the minimal filter. User-entered text that might be added
      * dynamically (using javascript, for example) should still be
      * filtered, but not for every character the full filter handles, so
      * only {@code <} is disallowed.
      *
      * @return A CharacterFilter to do minimal HTML filtering.
      */
     private static CharacterFilter htmlMinFilter()
     {
         CharacterFilter minimal = new CharacterFilter();

         // Make sure none of these carries a mapping, whatever the
         // constructor set up; they will be passed through as typed.
         final String[] passedThrough = { ">", "\"", "'", "&" };
         for (int i = 0; i < passedThrough.length; i++)
         {
             minimal.removeAttribute(passedThrough[i]);
         }

         // The single replacement that remains.
         minimal.addAttribute("<", Entities.LT);

         return minimal;
     }
 }

This report is generated by jcoverage, Maven and Maven JCoverage Plugin.