1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21 package org.apache.struts.util;
22
23 import java.io.UnsupportedEncodingException;
24 import java.net.URLEncoder;
25 import java.nio.charset.Charset;
26 import java.util.regex.Matcher;
27 import java.util.regex.Pattern;
28
29 import org.slf4j.Logger;
30 import org.slf4j.LoggerFactory;
31
32
33
34
35
36 public class ResponseUtils {
37
38
39
40
41
42
43 private static final Logger LOG =
44 LoggerFactory.getLogger(ResponseUtils.class);
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60 private static final Pattern XML_ENTITY_PATTERN =
61 Pattern.compile("&(?:[a-zA-Z][a-zA-Z\\d]*|#\\d+|#x[a-fA-F\\d]+);");
62
63
64
65
66 protected static MessageResources messages =
67 MessageResources.getMessageResources(
68 "org.apache.struts.util.LocalStrings");
69
70
71
72
73
74
75 protected ResponseUtils() {
76 }
77
78
79
80
81
82
83
84
85
86
87
88
89 public static String filter(String value) {
90 if (value == null || value.isEmpty()) {
91 return value;
92 }
93
94 final int length = value.length();
95
96 StringBuilder result = null;
97 String filtered;
98 Matcher entityMatcher = null;
99
100 for (int i = 0; i < length; i++) {
101 filtered = null;
102
103 switch (value.charAt(i)) {
104 case '<':
105 filtered = "<";
106
107 break;
108
109 case '>':
110 filtered = ">";
111
112 break;
113
114 case '&':
115 if (entityMatcher == null) {
116 entityMatcher = XML_ENTITY_PATTERN.matcher(value);
117 }
118 entityMatcher.region(i, length);
119 if (entityMatcher.lookingAt()) {
120 filtered = value.substring(entityMatcher.start(), entityMatcher.end());
121 i += filtered.length() - 1;
122 if (result == null) {
123 continue;
124 }
125 } else {
126 filtered = "&";
127 }
128
129 break;
130
131 case '"':
132 filtered = """;
133
134 break;
135
136 case '\'':
137 filtered = "'";
138
139 break;
140
141 default:
142 break;
143 }
144
145 if (result == null) {
146 if (filtered != null) {
147 result = new StringBuilder(length + 50);
148
149 if (i > 0) {
150 result.append(value.substring(0, i));
151 }
152
153 result.append(filtered);
154 }
155 } else {
156 if (filtered == null) {
157 result.append(value.charAt(i));
158 } else {
159 result.append(filtered);
160 }
161 }
162 }
163
164 return result == null ? value : result.toString();
165 }
166
167
168
169
170
171
172
173
174 public static String encodeURL(String url) {
175 return encodeURL(url, "UTF-8");
176 }
177
178
179
180
181
182
183
184
185
186
187
188 public static String encodeURL(String url, String enc) {
189 String str = null;
190
191 try {
192 if (enc == null || enc.isEmpty()) {
193 enc = "UTF-8";
194 }
195
196 str = URLEncoder.encode(url, enc);
197 } catch (UnsupportedEncodingException e) {
198 LOG.debug("The named encoding is not supported: {}", enc, e);
199
200 try {
201 str = URLEncoder.encode(url, Charset.defaultCharset().toString());
202 } catch (UnsupportedEncodingException e1) {
203
204 LOG.debug("The default-encoding is not supported: {}", enc, e1);
205
206 str = url;
207 }
208 }
209
210 return str;
211 }
212 }