forked from rust-lang/rust
-
Notifications
You must be signed in to change notification settings - Fork 0
Lib html
Steve Klabnik edited this page Sep 13, 2013
·
17 revisions
A library/module for escaping/unescaping of special HTML characters.
- Proposed editor: your name
- Date proposed: date of proposal
- Link: link to email
- note
- note
- note
- Standard: standard - link to docs - ...
- Standard: standard - link to docs - ...
- Technique: technique - link to docs - ...
- Technique: technique - link to docs - ...
- Language: Go
- html
-
EscapeString()
escapes only the 5 characters< > & ' "
-
UnescapeString()
unescapes more characters
-
- Language: PHP
- htmlspecialchars()
- escapes only the 5 characters
< > & ' "
- htmlspecialchars_decode () - decodes only the characters handled by htmlspecialchars()
- escapes only the 5 characters
- Language: RUby
- CGI.escapeHTML
- escapes only the 5 characters
< > & ' "
- CGI.unescapeHTML - htmlentities gem
- escapes only the 5 characters
See https://github.com/veddan/rust-htmlescape
- Pull request: link to bug
Question: where to get from the complete list of characters to escape and entities to produce?
-
escape_minimal()
only escapes the necessary 5 characters< > & ' "
which are necessary for security/forms/URLs-
<
=><
-
>
=>>
-
&
=>&
-
'
=>'
-
"
=>"
-
-
escape_full()
escapes all characters- We probably should use a table-lookup (binary search), similar to the code in https://github.com/mozilla/rust/blob/incoming/src/libcore/unicode.rs