escape_utils 0.1.0

data/.gitignore

@@ -0,0 +1,3 @@
+Makefile
+*.o
+*.bundle

data/CHANGELOG.md

@@ -0,0 +1,4 @@
+# Changelog
+
+## 0.1.0 (June 8th, 2010)
+* initial release

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2010 Brian Lopez - http://github.com/brianmario
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,58 @@
+= escape_utils
+
+Being as though we're all html escaping everything these days, why not make it faster?
+
+At the moment escape_utils supports escaping and unescaping of HTML, but I wanna add URL encoding soon
+
+It has monkey-patches for Rack::Utils, CGI, ERB::Util and Haml
+
+== Installing
+
+  gem install escape_utils
+
+== Usage
+
+=== Escaping HTML
+
+  html = `curl -s http://maps.google.com`
+  escaped_html = EscapeUtils.escape_html(html)
+
+=== Unescaping HTML
+
+  html = `curl -s http://maps.google.com`
+  escaped_html = EscapeUtils.escape_html(html)
+  html = EscapeUtils.unescape_html(escaped_html)
+
+=== Monkey Patches
+
+  require 'escape_utils/rack' # to patch Rack::Utils
+  require 'escape_utils/erb' # to patch ERB::Util
+  require 'escape_utils/cgi' # to patch CGI
+  require 'escape_utils/haml' # to patch Haml::Helpers
+
+== Benchmarks
+
+In my testing, escaping is around 10-20x faster than the pure ruby implementations in wide use today.
+While unescaping is around 24x faster than CGI.unescapeHTML - also pure ruby.
+
+This output is from my laptop using the benchmark scripts in the benchmarks folder.
+
+=== Escaping
+
+ Rack::Utils.escape_html
+  0.560000   0.040000   0.600000 (  0.589475)
+ ERB::Util.html_escape
+  0.450000   0.040000   0.490000 (  0.492893)
+ CGI.escapeHTML
+  0.460000   0.030000   0.490000 (  0.490171)
+ Haml::Helpers.html_escape
+  0.430000   0.010000   0.440000 (  0.444694)
+ EscapeUtils.escape_html
+  0.050000   0.010000   0.060000 (  0.054799)
+
+=== Unescaping
+
+ CGI.unescapeHTML
+  1.140000   0.010000   1.150000 (  1.148470)
+ EscapeUtils.unescape_html
+  0.040000   0.000000   0.040000 (  0.046166)

data/Rakefile

@@ -0,0 +1,35 @@
+# encoding: UTF-8
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gem|
+    gem.name = "escape_utils"
+    gem.summary = "Faster string escaping routines for your web apps"
+    gem.email = "seniorlopez@gmail.com"
+    gem.homepage = "http://github.com/brianmario/escape_utils"
+    gem.authors = ["Brian Lopez"]
+    gem.require_paths = ["lib", "ext"]
+    gem.extra_rdoc_files = `git ls-files *.rdoc`.split("\n")
+    gem.files = `git ls-files`.split("\n")
+    gem.extensions = ["ext/extconf.rb"]
+    gem.files.include %w(lib/jeweler/templates/.document lib/jeweler/templates/.gitignore)
+    # gem.rubyforge_project = "mysql2"
+  end
+rescue LoadError
+  puts "Jeweler, or one of its dependencies, is not available. Install it with: sudo gem install jeweler -s http://gems.github.com"
+end
+
+require 'rake'
+require 'spec/rake/spectask'
+
+desc "Run all examples with RCov"
+Spec::Rake::SpecTask.new('spec:rcov') do |t|
+  t.spec_files = FileList['spec/']
+  t.rcov = true
+  t.rcov_opts = lambda do
+    IO.readlines("spec/rcov.opts").map {|l| l.chomp.split " "}.flatten
+  end
+end
+Spec::Rake::SpecTask.new('spec') do |t|
+  t.spec_files = FileList['spec/']
+  t.spec_opts << '--options' << 'spec/spec.opts'
+end

data/VERSION

@@ -0,0 +1 @@
+0.1.0

data/benchmark/escape.rb

@@ -0,0 +1,58 @@
+# encoding: utf-8
+$LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/..')
+$LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/../lib')
+
+require 'rubygems'
+require 'benchmark'
+
+require 'rack'
+require 'erb'
+require 'cgi'
+require 'haml'
+require 'escape_utils'
+
+module HamlBench
+  extend Haml::Helpers
+end
+
+times = 100
+url = "http://maps.google.com"
+html = `curl -s #{url}`
+puts "Escaping #{html.bytesize} bytes of html from #{url}"
+
+Benchmark.bmbm do |x|
+  x.report do
+    puts "Rack::Utils.escape_html"
+    times.times do
+      Rack::Utils.escape_html(html)
+    end
+  end
+
+  x.report do
+    puts "ERB::Util.html_escape"
+    times.times do
+      ERB::Util.html_escape(html)
+    end
+  end
+
+  x.report do
+    puts "CGI.escapeHTML"
+    times.times do
+      CGI.escapeHTML(html)
+    end
+  end
+
+  x.report do
+    puts "Haml::Helpers.html_escape"
+    times.times do
+      HamlBench.html_escape(html)
+    end
+  end
+
+  x.report do
+    puts "EscapeUtils.escape_html"
+    times.times do
+      EscapeUtils.escape_html(html)
+    end
+  end
+end

data/benchmark/unescape.rb

@@ -0,0 +1,36 @@
+# encoding: utf-8
+$LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/..')
+$LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/../lib')
+
+require 'rubygems'
+require 'benchmark'
+
+require 'cgi'
+require 'haml'
+require 'escape_utils'
+
+module HamlBench
+  extend Haml::Helpers
+end
+
+times = 100
+url = "http://maps.google.com"
+html = `curl -s #{url}`
+escaped_html = EscapeUtils.escape_html(html)
+puts "Unescaping #{escaped_html.bytesize} bytes of escaped html from #{url}"
+
+Benchmark.bmbm do |x|
+  x.report do
+    puts "CGI.unescapeHTML"
+    times.times do
+      CGI.unescapeHTML(escaped_html)
+    end
+  end
+
+  x.report do
+    puts "EscapeUtils.unescape_html"
+    times.times do
+      EscapeUtils.unescape_html(escaped_html)
+    end
+  end
+end

data/escape_utils.gemspec

@@ -0,0 +1,62 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{escape_utils}
+  s.version = "0.1.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Brian Lopez"]
+  s.date = %q{2010-06-08}
+  s.email = %q{seniorlopez@gmail.com}
+  s.extensions = ["ext/extconf.rb"]
+  s.extra_rdoc_files = [
+    "README.rdoc"
+  ]
+  s.files = [
+    ".gitignore",
+     "CHANGELOG.md",
+     "MIT-LICENSE",
+     "README.rdoc",
+     "Rakefile",
+     "VERSION",
+     "benchmark/escape.rb",
+     "benchmark/unescape.rb",
+     "escape_utils.gemspec",
+     "ext/escape_utils.c",
+     "ext/extconf.rb",
+     "lib/escape_utils.rb",
+     "lib/escape_utils/cgi.rb",
+     "lib/escape_utils/erb.rb",
+     "lib/escape_utils/haml.rb",
+     "lib/escape_utils/rack.rb",
+     "spec/html/escape_spec.rb",
+     "spec/html/unescape_spec.rb",
+     "spec/rcov.opts",
+     "spec/spec.opts",
+     "spec/spec_helper.rb"
+  ]
+  s.homepage = %q{http://github.com/brianmario/escape_utils}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib", "ext"]
+  s.rubygems_version = %q{1.3.6}
+  s.summary = %q{Faster string escaping routines for your web apps}
+  s.test_files = [
+    "spec/html/escape_spec.rb",
+     "spec/html/unescape_spec.rb",
+     "spec/spec_helper.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+    else
+    end
+  else
+  end
+end
+

data/ext/escape_utils.c

@@ -0,0 +1,124 @@
+#include <ruby.h>
+
+#define APPEND_BUFFER(escape, len, scoot_by)  \
+  memcpy(&out[total], &in[offset], i-offset); \
+  total += i-offset;                          \
+  offset = i+scoot_by;                        \
+  memcpy(&out[total], escape, len);           \
+  total += len;                               \
+  break;                                      \
+
+static size_t escape_html(unsigned char *out, const unsigned char *in, size_t in_len) {
+  size_t i = 0, offset = 0, total = 0;
+
+  for(;i<in_len;i++) {
+    switch(in[i]) {
+      case '&':  APPEND_BUFFER("&amp;",  5, 1);
+      case '<':  APPEND_BUFFER("&lt;",   4, 1);
+      case '>':  APPEND_BUFFER("&gt;",   4, 1);
+      case '\'': APPEND_BUFFER("&#39;",  5, 1);
+      case '\"': APPEND_BUFFER("&quot;", 6, 1);
+    }
+  }
+
+  // append the rest of the buffer
+  memcpy(&out[total], &in[offset], i-offset);
+
+  return total + (i-offset);
+}
+
+static size_t unescape_html(unsigned char *out, const unsigned char *in, size_t in_len) {
+  size_t i = 0, offset = 0, total = 0;
+  
+  for(;i<in_len;i++) {
+    switch(in[i]) {
+      case '&':
+        if (i+5 <= in_len) {
+          if (memcmp(&in[i], "&amp;", 5) == 0) {
+            APPEND_BUFFER("&", 1, 5);
+          } else if (memcmp(&in[i], "&lt;", 4) == 0) {
+            APPEND_BUFFER("<", 1, 4);
+          } else if (memcmp(&in[i], "&gt;", 4) == 0) {
+            APPEND_BUFFER(">", 1, 4);
+          } else if (memcmp(&in[i], "&#39;", 5) == 0) {
+            APPEND_BUFFER("\'", 1, 5);
+          } else if (memcmp(&in[i], "&quot;", 6) == 0) {
+            APPEND_BUFFER("\"", 1, 6);
+          }
+        } else if (i+4 <= in_len) {
+          if (memcmp(&in[i], "&amp;", 5) == 0) {
+            APPEND_BUFFER("&", 1, 5);
+          } else if (memcmp(&in[i], "&lt;", 4) == 0) {
+            APPEND_BUFFER("<", 1, 4);
+          } else if (memcmp(&in[i], "&gt;", 4) == 0) {
+            APPEND_BUFFER(">", 1, 4);
+          } else if (memcmp(&in[i], "&#39;", 5) == 0) {
+            APPEND_BUFFER("\'", 1, 5);
+          }
+        } else if (i+3 <= in_len) {
+          if (memcmp(&in[i], "&lt;", 4) == 0) {
+            APPEND_BUFFER("<", 1, 4);
+          } else if (memcmp(&in[i], "&gt;", 4) == 0) {
+            APPEND_BUFFER(">", 1, 4);
+          }
+        }
+      break;
+    }
+  }
+
+  // append the rest of the buffer
+  memcpy(&out[total], &in[offset], i-offset);
+
+  return total + (i-offset);
+}
+
+static VALUE rb_escape_html(VALUE self, VALUE str) {
+  VALUE rb_output_buf;
+  unsigned char *inBuf = (unsigned char*)RSTRING_PTR(str);
+  size_t len = RSTRING_LEN(str), new_len = 0;
+
+  // this is the max size the string could be
+  // TODO: we should try to be more intelligent about this
+  unsigned char *outBuf = (unsigned char *)malloc(sizeof(unsigned char *)*(len*5));
+
+  // perform our escape, returning the new string's length
+  new_len = escape_html(outBuf, inBuf, len);
+
+  // create our new ruby string
+  rb_output_buf = rb_str_new((char *)outBuf, new_len);
+
+  // free the temporary C string
+  free(outBuf);
+
+  return rb_output_buf;
+}
+
+static VALUE rb_unescape_html(VALUE self, VALUE str) {
+  VALUE rb_output_buf;
+  unsigned char *inBuf = (unsigned char*)RSTRING_PTR(str);
+  size_t len = RSTRING_LEN(str), new_len = 0;
+
+  // this is the max size the string could be
+  // TODO: we should try to be more intelligent about this
+  unsigned char *outBuf = (unsigned char *)malloc(sizeof(unsigned char *)*len);
+
+  // perform our escape, returning the new string's length
+  new_len = unescape_html(outBuf, inBuf, len);
+
+  // create our new ruby string
+  rb_output_buf = rb_str_new((char *)outBuf, new_len);
+
+  // free the temporary C string
+  free(outBuf);
+
+  return rb_output_buf;
+}
+
+/* Ruby Extension initializer */
+void Init_escape_utils_ext() {
+  VALUE mEscape = rb_define_module("EscapeUtils");
+  rb_define_method(mEscape,           "escape_html",    rb_escape_html,   1);
+  rb_define_module_function(mEscape,  "escape_html",    rb_escape_html,   1);
+  rb_define_method(mEscape,           "unescape_html",  rb_unescape_html, 1);
+  rb_define_module_function(mEscape,  "unescape_html",  rb_unescape_html, 1);
+}

data/ext/extconf.rb

@@ -0,0 +1,9 @@
+# encoding: UTF-8
+require 'mkmf'
+require 'rbconfig'
+
+$CFLAGS << ' -Wall -funroll-loops'
+$CFLAGS << ' -Wextra' if ENV['DEBUG']
+# $CFLAGS << ' -O0 -ggdb'
+
+create_makefile("escape_utils_ext")

data/lib/escape_utils.rb

@@ -0,0 +1,8 @@
+# encoding: utf-8
+
+require 'escape_utils_ext'
+
+EscapeUtils.send(:extend, EscapeUtils)
+module EscapeUtils
+  VERSION = "0.0.1"
+end

data/lib/escape_utils/cgi.rb

@@ -0,0 +1,7 @@
+# encoding: utf-8
+
+class CGI
+  def self.escapeHTML(s)
+    EscapeUtils.escape_html(s)
+  end
+end

data/lib/escape_utils/erb.rb

@@ -0,0 +1,13 @@
+# encoding: utf-8
+
+class ERB
+  module Util
+    def html_escape(s)
+      EscapeUtils.escape_html(s)
+    end
+
+    alias h html_escape
+    module_function :h
+    module_function :html_escape
+  end
+end

data/lib/escape_utils/haml.rb

@@ -0,0 +1,9 @@
+# encoding: utf-8
+
+module Haml
+  module Helpers
+    def html_escape(s)
+      EscapeUtils.escape_html(s)
+    end
+  end
+end

data/lib/escape_utils/rack.rb

@@ -0,0 +1,12 @@
+# encoding: utf-8
+
+module Rack
+  module Utils
+    def escape_html(s)
+      EscapeUtils.escape_html(s)
+    end
+    def self.escape_html(s)
+      EscapeUtils.escape_html(s)
+    end
+  end
+end

data/spec/html/escape_spec.rb

@@ -0,0 +1,26 @@
+# encoding: UTF-8
+require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
+
+describe EscapeUtils do
+  it "should respond to escape_html" do
+    EscapeUtils.should respond_to(:escape_html)
+  end
+
+  context "escape_html" do
+    it "should escape a basic html tag" do
+      EscapeUtils.escape_html("<some_tag/>").should eql("&lt;some_tag/&gt;")
+    end
+
+    it "should escape double-quotes" do
+      EscapeUtils.escape_html("<some_tag some_attr=\"some value\"/>").should eql("&lt;some_tag some_attr=&quot;some value&quot;/&gt;")
+    end
+
+    it "should escape single-quotes" do
+      EscapeUtils.escape_html("<some_tag some_attr='some value'/>").should eql("&lt;some_tag some_attr=&#39;some value&#39;/&gt;")
+    end
+
+    it "should escape the & character" do
+      EscapeUtils.escape_html("<b>Bourbon & Branch</b>").should eql("&lt;b&gt;Bourbon &amp; Branch&lt;/b&gt;")
+    end
+  end
+end

data/spec/html/unescape_spec.rb

@@ -0,0 +1,26 @@
+# encoding: UTF-8
+require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
+
+describe EscapeUtils do
+  it "should respond to unescape_html" do
+    EscapeUtils.should respond_to(:unescape_html)
+  end
+
+  context "unescape_html" do
+    it "should unescape a basic html tag" do
+      EscapeUtils.unescape_html("&lt;some_tag/&gt;").should eql("<some_tag/>")
+    end
+
+    it "should unescape double-quotes" do
+      EscapeUtils.unescape_html("&lt;some_tag some_attr=&quot;some value&quot;/&gt;").should eql("<some_tag some_attr=\"some value\"/>")
+    end
+
+    it "should unescape single-quotes" do
+      EscapeUtils.unescape_html("&lt;some_tag some_attr=&#39;some value&#39;/&gt;").should eql("<some_tag some_attr='some value'/>")
+    end
+
+    it "should unescape the & character" do
+      EscapeUtils.unescape_html("&lt;b&gt;Bourbon &amp; Branch&lt;/b&gt;").should eql("<b>Bourbon & Branch</b>")
+    end
+  end
+end

data/spec/rcov.opts

@@ -0,0 +1,3 @@
+--exclude spec,gem
+--text-summary
+--sort coverage --sort-reverse

data/spec/spec.opts

@@ -0,0 +1,2 @@
+--format specdoc
+--colour

data/spec/spec_helper.rb

@@ -0,0 +1,5 @@
+# encoding: UTF-8
+$LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/..')
+$LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/../lib')
+
+require 'escape_utils'

metadata

@@ -0,0 +1,85 @@
+--- !ruby/object:Gem::Specification 
+name: escape_utils
+version: !ruby/object:Gem::Version 
+  prerelease: false
+  segments: 
+  - 0
+  - 1
+  - 0
+  version: 0.1.0
+platform: ruby
+authors: 
+- Brian Lopez
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-06-08 00:00:00 -07:00
+default_executable: 
+dependencies: []
+
+description: 
+email: seniorlopez@gmail.com
+executables: []
+
+extensions: 
+- ext/extconf.rb
+extra_rdoc_files: 
+- README.rdoc
+files: 
+- .gitignore
+- CHANGELOG.md
+- MIT-LICENSE
+- README.rdoc
+- Rakefile
+- VERSION
+- benchmark/escape.rb
+- benchmark/unescape.rb
+- escape_utils.gemspec
+- ext/escape_utils.c
+- ext/extconf.rb
+- lib/escape_utils.rb
+- lib/escape_utils/cgi.rb
+- lib/escape_utils/erb.rb
+- lib/escape_utils/haml.rb
+- lib/escape_utils/rack.rb
+- spec/html/escape_spec.rb
+- spec/html/unescape_spec.rb
+- spec/rcov.opts
+- spec/spec.opts
+- spec/spec_helper.rb
+has_rdoc: true
+homepage: http://github.com/brianmario/escape_utils
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+- ext
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.6
+signing_key: 
+specification_version: 3
+summary: Faster string escaping routines for your web apps
+test_files: 
+- spec/html/escape_spec.rb
+- spec/html/unescape_spec.rb
+- spec/spec_helper.rb