RubyGems - escape_utils - Versions diffs - 0.1.0 → 0.1.1 - Mend

escape_utils 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

data/.gitignore +3 -1
data/CHANGELOG.md +3 -0
data/README.rdoc +17 -5
data/VERSION +1 -1
data/benchmark/{escape.rb → html_escape.rb} +0 -0
data/benchmark/{unescape.rb → html_unescape.rb} +0 -0
data/benchmark/javascript_escape.rb +36 -0
data/escape_utils.gemspec +6 -3
data/ext/escape_utils.c +63 -0
data/lib/escape_utils.rb +1 -1
data/spec/html/escape_spec.rb +12 -14
data/spec/html/unescape_spec.rb +12 -14
data/spec/javascript/escape_spec.rb +25 -0
metadata +7 -4

data/.gitignore CHANGED

@@ -1,3 +1,5 @@
 Makefile
 *.o
-*.bundle
+*.bundle
+pkg/*
+doc/*

data/CHANGELOG.md CHANGED

@@ -1,4 +1,7 @@
 # Changelog
+## 0.1.1 (June 8th, 2010)
+* added javascript escaping
 ## 0.1.0 (June 8th, 2010)
 * initial release

data/README.rdoc CHANGED

@@ -2,7 +2,7 @@
 Being as though we're all html escaping everything these days, why not make it faster?
-At the moment escape_utils supports escaping and unescaping of HTML, but I wanna add URL encoding soon
+At the moment escape_utils supports escaping and unescaping of HTML, and Javascript but I wanna add URL encoding soon
 It has monkey-patches for Rack::Utils, CGI, ERB::Util and Haml
@@ -23,6 +23,11 @@ It has monkey-patches for Rack::Utils, CGI, ERB::Util and Haml
   escaped_html = EscapeUtils.escape_html(html)
   html = EscapeUtils.unescape_html(escaped_html)
+=== Escaping Javascript
+  javascript = `curl -s http://code.jquery.com/jquery-1.4.2.js`
+  escaped_javascript = EscapeUtils.escape_javascript(javascript)
 === Monkey Patches
   require 'escape_utils/rack' # to patch Rack::Utils
@@ -33,11 +38,11 @@ It has monkey-patches for Rack::Utils, CGI, ERB::Util and Haml
 == Benchmarks
 In my testing, escaping is around 10-20x faster than the pure ruby implementations in wide use today.
-While unescaping is around 24x faster than CGI.unescapeHTML - also pure ruby.
+While unescaping is around 20-40x faster than CGI.unescapeHTML - also pure ruby.
 This output is from my laptop using the benchmark scripts in the benchmarks folder.
-=== Escaping
+=== HTML Escaping
  Rack::Utils.escape_html
   0.560000   0.040000   0.600000 (  0.589475)
@@ -50,9 +55,16 @@ This output is from my laptop using the benchmark scripts in the benchmarks fold
  EscapeUtils.escape_html
   0.050000   0.010000   0.060000 (  0.054799)
-=== Unescaping
+=== HTML Unescaping
  CGI.unescapeHTML
   1.140000   0.010000   1.150000 (  1.148470)
  EscapeUtils.unescape_html
-  0.040000   0.000000   0.040000 (  0.046166)
+  0.040000   0.000000   0.040000 (  0.046166)
+=== Javascript Escaping
+ ActionView::Helpers::JavaScriptHelper#escape_javascript
+  2.000000   0.020000   2.020000 (  2.023047)
+ EscapeUtils.escape_javascript
+  0.110000   0.010000   0.120000 (  0.121761)

data/VERSION CHANGED

	@@ -1 +1 @@
1	- 0.1.0
1	+ 0.1.1

data/benchmark/{escape.rb → html_escape.rb} RENAMED

File without changes

data/benchmark/{unescape.rb → html_unescape.rb} RENAMED

File without changes

data/benchmark/javascript_escape.rb ADDED

@@ -0,0 +1,36 @@
+# encoding: utf-8
+$LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/..')
+$LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/../lib')
+require 'rubygems'
+require 'benchmark'
+require 'action_view'
+require 'escape_utils'
+class ActionPackBench
+  extend ActionView::Helpers::JavaScriptHelper
+end
+times = 100
+url = "http://code.jquery.com/jquery-1.4.2.js"
+javascript = `curl -s #{url}`
+puts "Escaping #{javascript.bytesize} bytes of javascript from #{url}"
+puts ActionPackBench.escape_javascript(javascript).eql?(EscapeUtils.escape_javascript(javascript))
+Benchmark.bmbm do |x|
+  x.report do
+    puts "ActionView::Helpers::JavaScriptHelper#escape_javascript"
+    times.times do
+      ActionPackBench.escape_javascript(javascript)
+    end
+  end
+  x.report do
+    puts "EscapeUtils.escape_javascript"
+    times.times do
+      EscapeUtils.escape_javascript(javascript)
+    end
+  end
+end

data/escape_utils.gemspec CHANGED

@@ -5,7 +5,7 @@
 Gem::Specification.new do |s|
   s.name = %q{escape_utils}
-  s.version = "0.1.0"
+  s.version = "0.1.1"
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Brian Lopez"]
@@ -22,8 +22,9 @@ Gem::Specification.new do |s|
      "README.rdoc",
      "Rakefile",
      "VERSION",
-     "benchmark/escape.rb",
-     "benchmark/unescape.rb",
+     "benchmark/html_escape.rb",
+     "benchmark/html_unescape.rb",
+     "benchmark/javascript_escape.rb",
      "escape_utils.gemspec",
      "ext/escape_utils.c",
      "ext/extconf.rb",
@@ -34,6 +35,7 @@ Gem::Specification.new do |s|
      "lib/escape_utils/rack.rb",
      "spec/html/escape_spec.rb",
      "spec/html/unescape_spec.rb",
+     "spec/javascript/escape_spec.rb",
      "spec/rcov.opts",
      "spec/spec.opts",
      "spec/spec_helper.rb"
@@ -46,6 +48,7 @@ Gem::Specification.new do |s|
   s.test_files = [
     "spec/html/escape_spec.rb",
      "spec/html/unescape_spec.rb",
+     "spec/javascript/escape_spec.rb",
      "spec/spec_helper.rb"
   ]

data/ext/escape_utils.c CHANGED

@@ -72,7 +72,39 @@ static size_t unescape_html(unsigned char *out, const unsigned char *in, size_t
   return total + (i-offset);
 }
+static size_t escape_javascript(unsigned char *out, const unsigned char *in, size_t in_len) {
+  size_t i = 0, offset = 0, total = 0;
+  for(;i<in_len;i++) {
+    switch(in[i]) {
+      case '\\':  APPEND_BUFFER("\\\\", 2, 1);
+      case '<':
+        if (i+1 <= in_len && in[i+1] == '/') {
+          APPEND_BUFFER("<\\/", 3, 2);
+        }
+        break;
+      case '\r':
+        if (i+1 <= in_len && in[i+1] == '\n') {
+          APPEND_BUFFER("\\n", 2, 1);
+        } else {
+          APPEND_BUFFER("\\n", 2, 1);
+        }
+        break;
+      case '\n': APPEND_BUFFER("\\n", 2, 1);
+      case '\"': APPEND_BUFFER("\\\"", 2, 1);
+      case '\'': APPEND_BUFFER("\\'", 2, 1);
+    }
+  }
+  // append the rest of the buffer
+  memcpy(&out[total], &in[offset], i-offset);
+  return total + (i-offset);
+}
 static VALUE rb_escape_html(VALUE self, VALUE str) {
+  Check_Type(str, T_STRING);
   VALUE rb_output_buf;
   unsigned char *inBuf = (unsigned char*)RSTRING_PTR(str);
   size_t len = RSTRING_LEN(str), new_len = 0;
@@ -94,6 +126,8 @@ static VALUE rb_escape_html(VALUE self, VALUE str) {
 }
 static VALUE rb_unescape_html(VALUE self, VALUE str) {
+  Check_Type(str, T_STRING);
   VALUE rb_output_buf;
   unsigned char *inBuf = (unsigned char*)RSTRING_PTR(str);
   size_t len = RSTRING_LEN(str), new_len = 0;
@@ -114,6 +148,33 @@ static VALUE rb_unescape_html(VALUE self, VALUE str) {
   return rb_output_buf;
 }
+static VALUE rb_escape_javascript(VALUE self, VALUE str) {
+  if (str == Qnil) {
+    return rb_str_new2("");
+  }
+  Check_Type(str, T_STRING);
+  VALUE rb_output_buf;
+  unsigned char *inBuf = (unsigned char*)RSTRING_PTR(str);
+  size_t len = RSTRING_LEN(str), new_len = 0;
+  // this is the max size the string could be
+  // TODO: we should try to be more intelligent about this
+  unsigned char *outBuf = (unsigned char *)malloc(sizeof(unsigned char *)*(len*2));
+  // perform our escape, returning the new string's length
+  new_len = escape_javascript(outBuf, inBuf, len);
+  // create our new ruby string
+  rb_output_buf = rb_str_new((char *)outBuf, new_len);
+  // free the temporary C string
+  free(outBuf);
+  return rb_output_buf;
+}
 /* Ruby Extension initializer */
 void Init_escape_utils_ext() {
   VALUE mEscape = rb_define_module("EscapeUtils");
@@ -121,4 +182,6 @@ void Init_escape_utils_ext() {
   rb_define_module_function(mEscape,  "escape_html",    rb_escape_html,   1);
   rb_define_method(mEscape,           "unescape_html",  rb_unescape_html, 1);
   rb_define_module_function(mEscape,  "unescape_html",  rb_unescape_html, 1);
+  rb_define_method(mEscape,           "escape_javascript",  rb_escape_javascript, 1);
+  rb_define_module_function(mEscape,  "escape_javascript",  rb_escape_javascript, 1);
 }

data/lib/escape_utils.rb CHANGED

@@ -4,5 +4,5 @@ require 'escape_utils_ext'
 EscapeUtils.send(:extend, EscapeUtils)
 module EscapeUtils
-  VERSION = "0.0.1"
+  VERSION = "0.1.1"
 end

data/spec/html/escape_spec.rb CHANGED

@@ -1,26 +1,24 @@
 # encoding: UTF-8
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
-describe EscapeUtils do
+describe EscapeUtils, "escape_html" do
   it "should respond to escape_html" do
     EscapeUtils.should respond_to(:escape_html)
   end
-  context "escape_html" do
-    it "should escape a basic html tag" do
-      EscapeUtils.escape_html("<some_tag/>").should eql("&lt;some_tag/&gt;")
-    end
+  it "should escape a basic html tag" do
+    EscapeUtils.escape_html("<some_tag/>").should eql("&lt;some_tag/&gt;")
+  end
-    it "should escape double-quotes" do
-      EscapeUtils.escape_html("<some_tag some_attr=\"some value\"/>").should eql("&lt;some_tag some_attr=&quot;some value&quot;/&gt;")
-    end
+  it "should escape double-quotes" do
+    EscapeUtils.escape_html("<some_tag some_attr=\"some value\"/>").should eql("&lt;some_tag some_attr=&quot;some value&quot;/&gt;")
+  end
-    it "should escape single-quotes" do
-      EscapeUtils.escape_html("<some_tag some_attr='some value'/>").should eql("&lt;some_tag some_attr=&#39;some value&#39;/&gt;")
-    end
+  it "should escape single-quotes" do
+    EscapeUtils.escape_html("<some_tag some_attr='some value'/>").should eql("&lt;some_tag some_attr=&#39;some value&#39;/&gt;")
+  end
-    it "should escape the & character" do
-      EscapeUtils.escape_html("<b>Bourbon & Branch</b>").should eql("&lt;b&gt;Bourbon &amp; Branch&lt;/b&gt;")
-    end
+  it "should escape the & character" do
+    EscapeUtils.escape_html("<b>Bourbon & Branch</b>").should eql("&lt;b&gt;Bourbon &amp; Branch&lt;/b&gt;")
   end
 end

data/spec/html/unescape_spec.rb CHANGED

@@ -1,26 +1,24 @@
 # encoding: UTF-8
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
-describe EscapeUtils do
+describe EscapeUtils, "unescape_html" do
   it "should respond to unescape_html" do
     EscapeUtils.should respond_to(:unescape_html)
   end
-  context "unescape_html" do
-    it "should unescape a basic html tag" do
-      EscapeUtils.unescape_html("&lt;some_tag/&gt;").should eql("<some_tag/>")
-    end
+  it "should unescape a basic html tag" do
+    EscapeUtils.unescape_html("&lt;some_tag/&gt;").should eql("<some_tag/>")
+  end
-    it "should unescape double-quotes" do
-      EscapeUtils.unescape_html("&lt;some_tag some_attr=&quot;some value&quot;/&gt;").should eql("<some_tag some_attr=\"some value\"/>")
-    end
+  it "should unescape double-quotes" do
+    EscapeUtils.unescape_html("&lt;some_tag some_attr=&quot;some value&quot;/&gt;").should eql("<some_tag some_attr=\"some value\"/>")
+  end
-    it "should unescape single-quotes" do
-      EscapeUtils.unescape_html("&lt;some_tag some_attr=&#39;some value&#39;/&gt;").should eql("<some_tag some_attr='some value'/>")
-    end
+  it "should unescape single-quotes" do
+    EscapeUtils.unescape_html("&lt;some_tag some_attr=&#39;some value&#39;/&gt;").should eql("<some_tag some_attr='some value'/>")
+  end
-    it "should unescape the & character" do
-      EscapeUtils.unescape_html("&lt;b&gt;Bourbon &amp; Branch&lt;/b&gt;").should eql("<b>Bourbon & Branch</b>")
-    end
+  it "should unescape the & character" do
+    EscapeUtils.unescape_html("&lt;b&gt;Bourbon &amp; Branch&lt;/b&gt;").should eql("<b>Bourbon & Branch</b>")
   end
 end

data/spec/javascript/escape_spec.rb ADDED

@@ -0,0 +1,25 @@
+# encoding: UTF-8
+require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
+describe EscapeUtils, "escape_javascript" do
+  it "should respond to escape_javascript" do
+    EscapeUtils.should respond_to(:escape_javascript)
+  end
+  # these are from the ActionView tests
+  it "should return an empty string if passed nil" do
+    EscapeUtils.escape_javascript(nil).should eql("")
+  end
+  it "should escape quotes and newlines" do
+    EscapeUtils.escape_javascript(%(This "thing" is really\n netos')).should eql(%(This \\"thing\\" is really\\n netos\\'))
+  end
+  it "should escape backslashes" do
+    EscapeUtils.escape_javascript(%(backslash\\test)).should eql(%(backslash\\\\test))
+  end
+  it "should escape closed html tags" do
+    EscapeUtils.escape_javascript(%(dont </close> tags)).should eql(%(dont <\\/close> tags))
+  end
+end

metadata CHANGED

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments:
   - 0
   - 1
-  - 0
-  version: 0.1.0
+  - 1
+  version: 0.1.1
 platform: ruby
 authors:
 - Brian Lopez
@@ -33,8 +33,9 @@ files:
 - README.rdoc
 - Rakefile
 - VERSION
-- benchmark/escape.rb
-- benchmark/unescape.rb
+- benchmark/html_escape.rb
+- benchmark/html_unescape.rb
+- benchmark/javascript_escape.rb
 - escape_utils.gemspec
 - ext/escape_utils.c
 - ext/extconf.rb
@@ -45,6 +46,7 @@ files:
 - lib/escape_utils/rack.rb
 - spec/html/escape_spec.rb
 - spec/html/unescape_spec.rb
+- spec/javascript/escape_spec.rb
 - spec/rcov.opts
 - spec/spec.opts
 - spec/spec_helper.rb
@@ -82,4 +84,5 @@ summary: Faster string escaping routines for your web apps
 test_files:
 - spec/html/escape_spec.rb
 - spec/html/unescape_spec.rb
+- spec/javascript/escape_spec.rb
 - spec/spec_helper.rb