模組 CGI::Util
常數
- TABLE_FOR_ESCAPE_HTML__
特殊字元及其轉義值的集合
公開實例方法
escape(字串) 按一下以切換來源
將字串 URL 編碼成 application/x-www-form-urlencoded。空白字元 (+“ ”+) 會編碼成加號 (+“+”+)
url_encoded_string = CGI.escape("'Stop!' said Fred") # => "%27Stop%21%27+said+Fred"
# File lib/cgi/util.rb, line 14 def escape(string) encoding = string.encoding buffer = string.b buffer.gsub!(/([^ a-zA-Z0-9_.\-~]+)/) do |m| '%' + m.unpack('H2' * m.bytesize).join('%').upcase end buffer.tr!(' ', '+') buffer.force_encoding(encoding) end
escapeElement(字串, *元素) 按一下以切換來源
僅Escape
字串
中特定 HTML 元素的標籤。
採用元素、元素或元素陣列。每個元素都由元素名稱指定,不含尖括號。這會比對該元素的開始標籤和結束標籤。開啟標籤的屬性清單也會被轉義(例如,屬性值周圍的雙引號)。
print CGI.escapeElement('<BR><A HREF="url"></A>', "A", "IMG") # "<BR><A HREF="url"></A>" print CGI.escapeElement('<BR><A HREF="url"></A>', ["A", "IMG"]) # "<BR><A HREF="url"></A>"
# File lib/cgi/util.rb, line 184 def escapeElement(string, *elements) elements = elements[0] if elements[0].kind_of?(Array) unless elements.empty? string.gsub(/<\/?(?:#{elements.join("|")})(?!\w)(?:.|\n)*?>/i) do CGI.escapeHTML($&) end else string end end
別名為:escape_element
escapeHTML(字串) 按一下以切換來源
Escape
HTML 中的特殊字元,即 ‘&"<>
CGI.escapeHTML('Usage: foo "bar" <baz>') # => "Usage: foo "bar" <baz>"
# File lib/cgi/util.rb, line 77 def escapeHTML(string) enc = string.encoding unless enc.ascii_compatible? if enc.dummy? origenc = enc enc = Encoding::Converter.asciicompat_encoding(enc) string = enc ? string.encode(enc) : string.b end table = Hash[TABLE_FOR_ESCAPE_HTML__.map {|pair|pair.map {|s|s.encode(enc)}}] string = string.gsub(/#{"['&\"<>]".encode(enc)}/, table) string.encode!(origenc) if origenc string else string = string.b string.gsub!(/['&\"<>]/, TABLE_FOR_ESCAPE_HTML__) string.force_encoding(enc) end end
別名為:escape_html, h
escapeURIComponent(字串) 按一下以切換來源
根據 RFC 3986 URL 編碼字串。空白字元 (+“ ”+) 會編碼成 (+“%20”+)
url_encoded_string = CGI.escapeURIComponent("'Stop!' said Fred") # => "%27Stop%21%27%20said%20Fred"
# File lib/cgi/util.rb, line 41 def escapeURIComponent(string) encoding = string.encoding buffer = string.b buffer.gsub!(/([^a-zA-Z0-9_.\-~]+)/) do |m| '%' + m.unpack('H2' * m.bytesize).join('%').upcase end buffer.force_encoding(encoding) end
pretty(字串, shift = " ") 按一下切換來源
美化(縮排)HTML 字串。
字串
是要縮排的 HTML 字串。shift
是用於縮排的單位;預設為兩個空格。
print CGI.pretty("<HTML><BODY></BODY></HTML>") # <HTML> # <BODY> # </BODY> # </HTML> print CGI.pretty("<HTML><BODY></BODY></HTML>", "\t") # <HTML> # <BODY> # </BODY> # </HTML>
# File lib/cgi/util.rb, line 246 def pretty(string, shift = " ") lines = string.gsub(/(?!\A)<.*?>/m, "\n\\0").gsub(/<.*?>(?!\n)/m, "\\0\n") end_pos = 0 while end_pos = lines.index(/^<\/(\w+)/, end_pos) element = $1.dup start_pos = lines.rindex(/^\s*<#{element}/i, end_pos) lines[start_pos ... end_pos] = "__" + lines[start_pos ... end_pos].gsub(/\n(?!\z)/, "\n" + shift) + "__" end lines.gsub(/^((?:#{Regexp::quote(shift)})*)__(?=<\/?\w)/, '\1') end
rfc1123_date(時間) 按一下切換來源
使用 RFC 1123 指定的格式,將時間
物件格式化為字串
。
CGI.rfc1123_date(Time.now) # Sat, 01 Jan 2000 00:00:00 GMT
# File lib/cgi/util.rb, line 225 def rfc1123_date(time) time.getgm.strftime("%a, %d %b %Y %T GMT") end
unescape(字串, 編碼 = @@accept_charset) 按一下切換來源
使用編碼(選用)URL 解碼 application/x-www-form-urlencoded 字串。
string = CGI.unescape("%27Stop%21%27+said+Fred") # => "'Stop!' said Fred"
# File lib/cgi/util.rb, line 27 def unescape(string, encoding = @@accept_charset) str = string.tr('+', ' ') str = str.b str.gsub!(/((?:%[0-9a-fA-F]{2})+)/) do |m| [m.delete('%')].pack('H*') end str.force_encoding(encoding) str.valid_encoding? ? str : str.force_encoding(string.encoding) end
unescapeElement(字串, *元素) 按一下切換來源
取消轉譯,例如由CGI.escapeElement()
所做的轉譯
print CGI.unescapeElement( CGI.escapeHTML('<BR><A HREF="url"></A>'), "A", "IMG") # "<BR><A HREF="url"></A>" print CGI.unescapeElement( CGI.escapeHTML('<BR><A HREF="url"></A>'), ["A", "IMG"]) # "<BR><A HREF="url"></A>"
# File lib/cgi/util.rb, line 204 def unescapeElement(string, *elements) elements = elements[0] if elements[0].kind_of?(Array) unless elements.empty? string.gsub(/<\/?(?:#{elements.join("|")})(?!\w)(?:.|\n)*?>/i) do unescapeHTML($&) end else string end end
unescapeHTML(字串) 按一下切換來源
取消轉譯已進行 HTML 轉譯的字串
CGI.unescapeHTML("Usage: foo "bar" <baz>") # => "Usage: foo \"bar\" <baz>"
# File lib/cgi/util.rb, line 107 def unescapeHTML(string) enc = string.encoding unless enc.ascii_compatible? if enc.dummy? origenc = enc enc = Encoding::Converter.asciicompat_encoding(enc) string = enc ? string.encode(enc) : string.b end string = string.gsub(Regexp.new('&(apos|amp|quot|gt|lt|#[0-9]+|#x[0-9A-Fa-f]+);'.encode(enc))) do case $1.encode(Encoding::US_ASCII) when 'apos' then "'".encode(enc) when 'amp' then '&'.encode(enc) when 'quot' then '"'.encode(enc) when 'gt' then '>'.encode(enc) when 'lt' then '<'.encode(enc) when /\A#0*(\d+)\z/ then $1.to_i.chr(enc) when /\A#x([0-9a-f]+)\z/i then $1.hex.chr(enc) end end string.encode!(origenc) if origenc return string end return string unless string.include? '&' charlimit = case enc when Encoding::UTF_8; 0x10ffff when Encoding::ISO_8859_1; 256 else 128 end string = string.b string.gsub!(/&(apos|amp|quot|gt|lt|\#[0-9]+|\#[xX][0-9A-Fa-f]+);/) do match = $1.dup case match when 'apos' then "'" when 'amp' then '&' when 'quot' then '"' when 'gt' then '>' when 'lt' then '<' when /\A#0*(\d+)\z/ n = $1.to_i if n < charlimit n.chr(enc) else "&##{$1};" end when /\A#x([0-9a-f]+)\z/i n = $1.hex if n < charlimit n.chr(enc) else "&#x#{$1};" end else "&#{match};" end end string.force_encoding enc end
unescapeURIComponent(字串, 編碼 = @@accept_charset) 按一下切換來源
使用編碼(選用)按照 RFC 3986 URL 解碼字串。
string = CGI.unescapeURIComponent("%27Stop%21%27+said%20Fred") # => "'Stop!'+said Fred"
# File lib/cgi/util.rb, line 54 def unescapeURIComponent(string, encoding = @@accept_charset) str = string.b str.gsub!(/((?:%[0-9a-fA-F]{2})+)/) do |m| [m.delete('%')].pack('H*') end str.force_encoding(encoding) str.valid_encoding? ? str : str.force_encoding(string.encoding) end