escape_utils 0.2.3 → 0.2.4

data/ext/escape_utils/uri_escape.h

@@ -0,0 +1,35 @@
+static const char URL_SAFE[] = {
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 
+	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 
+	0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 
+	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 
+	0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 
+	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, };
+
+static const char URI_SAFE[] = {
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 1, 0, 0, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 
+	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 
+	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 
+	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 
+	0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 
+	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, };

data/lib/escape_utils.rb

@@ -1,9 +1,9 @@
-# encoding: utf-8
 require 'escape_utils/escape_utils'
 require 'escape_utils/version' unless defined? EscapeUtils::VERSION
 
-EscapeUtils.send(:extend, EscapeUtils)
 module EscapeUtils
+  extend self
+
   # turn on/off the escaping of the '/' character during HTML escaping
   # Escaping '/' is recommended by the OWASP - http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content
   # This is because quotes around HTML attributes are optional in most/all modern browsers at the time of writing (10/15/2010)

data/lib/escape_utils/html/cgi.rb

@@ -1,5 +1,3 @@
-# encoding: utf-8
-
 class CGI
   extend ::EscapeUtils::HtmlSafety
 

data/lib/escape_utils/html/erb.rb

@@ -1,5 +1,3 @@
-# encoding: utf-8
-
 class ERB
   module Util
     include ::EscapeUtils::HtmlSafety

data/lib/escape_utils/html/haml.rb

@@ -1,5 +1,3 @@
-# encoding: utf-8
-
 module Haml
   module Helpers
     include ::EscapeUtils::HtmlSafety

data/lib/escape_utils/html/rack.rb

@@ -1,5 +1,3 @@
-# encoding: utf-8
-
 module Rack
   module Utils
     include ::EscapeUtils::HtmlSafety

data/lib/escape_utils/html_safety.rb

@@ -1,5 +1,3 @@
-# encoding: utf-8
-
 module EscapeUtils
   module HtmlSafety
     if "".respond_to? :html_safe?

data/lib/escape_utils/javascript/action_view.rb

@@ -1,5 +1,3 @@
-# encoding: utf-8
-
 module ActionView
   module Helpers
     module JavaScriptHelper

data/lib/escape_utils/url/cgi.rb

@@ -1,5 +1,3 @@
-# encoding: utf-8
-
 class CGI
   def self.escape(s)
     EscapeUtils.escape_url(s.to_s)

data/lib/escape_utils/url/erb.rb

@@ -1,5 +1,3 @@
-# encoding: utf-8
-
 class ERB
   module Util
     def url_encode(s)

data/lib/escape_utils/url/rack.rb

@@ -1,5 +1,3 @@
-# encoding: utf-8
-
 module Rack
   module Utils
     def escape(url)

data/lib/escape_utils/url/uri.rb

@@ -1,5 +1,3 @@
-# encoding: utf-8
-
 module URI
   def self.escape(s, unsafe=nil)
     EscapeUtils.escape_uri(s.to_s)

data/lib/escape_utils/version.rb

@@ -1,3 +1,3 @@
 module EscapeUtils
-  VERSION = "0.2.3"
+  VERSION = "0.2.4"
 end

data/spec/html/escape_spec.rb

@@ -1,4 +1,3 @@
-# encoding: UTF-8
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
 
 describe EscapeUtils, "escape_html" do

data/spec/html/unescape_spec.rb

@@ -1,4 +1,3 @@
-# encoding: UTF-8
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
 
 describe EscapeUtils, "unescape_html" do

data/spec/html_safety_spec.rb

@@ -1,4 +1,3 @@
-# encoding: UTF-8
 require File.expand_path(File.dirname(__FILE__) + '/spec_helper.rb')
 
 class Object

data/spec/javascript/escape_spec.rb

@@ -1,4 +1,3 @@
-# encoding: UTF-8
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
 
 describe EscapeUtils, "escape_javascript" do

data/spec/javascript/unescape_spec.rb

@@ -1,4 +1,3 @@
-# encoding: UTF-8
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
 
 describe EscapeUtils, "unescape_javascript" do

data/spec/query/escape_spec.rb

@@ -1,4 +1,3 @@
-# encoding: UTF-8
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
 
 describe EscapeUtils, "escape_url" do

data/spec/query/unescape_spec.rb

@@ -1,4 +1,5 @@
 # encoding: UTF-8
+
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
 
 describe EscapeUtils, "unescape_url" do

data/spec/spec_helper.rb

@@ -1,4 +1,3 @@
-# encoding: UTF-8
 $LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/..')
 $LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/../lib')
 

data/spec/uri/escape_spec.rb

@@ -1,4 +1,3 @@
-# encoding: UTF-8
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
 require 'uri'
 

data/spec/uri/unescape_spec.rb

@@ -1,4 +1,5 @@
 # encoding: UTF-8
+
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
 
 describe EscapeUtils, "unescape_uri" do

data/spec/url/escape_spec.rb

@@ -1,4 +1,3 @@
-# encoding: UTF-8
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
 require 'cgi'
 

data/spec/url/unescape_spec.rb

@@ -1,4 +1,5 @@
 # encoding: UTF-8
+
 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
 
 describe EscapeUtils, "unescape_url" do

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: escape_utils
 version: !ruby/object:Gem::Version 
-  hash: 17
+  hash: 31
   prerelease: 
   segments: 
   - 0
   - 2
-  - 3
-  version: 0.2.3
+  - 4
+  version: 0.2.4
 platform: ruby
 authors: 
 - Brian Lopez
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-03-09 00:00:00 -08:00
+date: 2011-09-07 00:00:00 -07:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -126,15 +126,15 @@ executables: []
 
 extensions: 
 - ext/escape_utils/extconf.rb
-extra_rdoc_files: 
-- README.rdoc
+extra_rdoc_files: []
+
 files: 
 - .gitignore
 - .rspec
 - CHANGELOG.md
 - Gemfile
 - MIT-LICENSE
-- README.rdoc
+- README.md
 - Rakefile
 - benchmark/html_escape.rb
 - benchmark/html_unescape.rb
@@ -143,8 +143,16 @@ files:
 - benchmark/url_escape.rb
 - benchmark/url_unescape.rb
 - escape_utils.gemspec
+- ext/escape_utils/buffer.c
+- ext/escape_utils/buffer.h
 - ext/escape_utils/escape_utils.c
 - ext/escape_utils/extconf.rb
+- ext/escape_utils/houdini.h
+- ext/escape_utils/houdini_html.c
+- ext/escape_utils/houdini_js.c
+- ext/escape_utils/houdini_uri.c
+- ext/escape_utils/html_unescape.h
+- ext/escape_utils/uri_escape.h
 - lib/escape_utils.rb
 - lib/escape_utils/html/cgi.rb
 - lib/escape_utils/html/erb.rb
@@ -201,7 +209,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: 
-rubygems_version: 1.6.1
+rubygems_version: 1.6.2
 signing_key: 
 specification_version: 3
 summary: Faster string escaping routines for your web apps

data/README.rdoc

@@ -1,146 +0,0 @@
-= escape_utils
-
-Being as though we're all html escaping everything these days, why not make it faster?
-
-For character encoding in 1.9, we'll return strings in whatever Encoding.default_internal is set to or utf-8 otherwise.
-
-It has monkey-patches for Rack::Utils, CGI, URI, ERB::Util and Haml and ActionView so you can drop this in and have your app start escaping fast as balls in no time
-
-It supports HTML, URL, URI and Javascript escaping/unescaping.
-
-== Installing
-
-  gem install escape_utils
-
-== Usage
-
-=== HTML
-
-==== Escaping
-
-  html = `curl -s http://maps.google.com`
-  escaped_html = EscapeUtils.escape_html(html)
-
-==== Unescaping
-
-  html = `curl -s http://maps.google.com`
-  escaped_html = EscapeUtils.escape_html(html)
-  html = EscapeUtils.unescape_html(escaped_html)
-
-==== Monkey Patches
-
-  require 'escape_utils/html/rack' # to patch Rack::Utils
-  require 'escape_utils/html/erb' # to patch ERB::Util
-  require 'escape_utils/html/cgi' # to patch CGI
-  require 'escape_utils/html/haml' # to patch Haml::Helpers
-
-=== URL
-
-Use (un)escape_uri to get RFC-compliant escaping (like PHP rawurlencode).
-
-Use (un)escape_url to get CGI escaping (where space is +).
-
-==== Escaping
-
-  url = "https://www.yourmom.com/cgi-bin/session.cgi?sess_args=mcEA~!!#*YH*>@!U"
-  escaped_url = EscapeUtils.escape_url(url)
-
-==== Unescaping
-
-  url = "https://www.yourmom.com/cgi-bin/session.cgi?sess_args=mcEA~!!#*YH*>@!U"
-  escaped_url = EscapeUtils.escape_url(url)
-  EscapeUtils.unescape_url(escaped_url) == url # => true
-
-=== Javascript
-
-==== Escaping
-
-  javascript = `curl -s http://code.jquery.com/jquery-1.4.2.js`
-  escaped_javascript = EscapeUtils.escape_javascript(javascript)
-
-==== Unescaping
-
-  javascript = `curl -s http://code.jquery.com/jquery-1.4.2.js`
-  escaped_javascript = EscapeUtils.escape_javascript(javascript)
-  EscapeUtils.unescape_javascript(escaped_javascript) == javascript # => true
-
-==== Monkey Patches
-
-  require 'escape_utils/javascript/action_view' # to patch ActionView::Helpers::JavaScriptHelper
-
-== Benchmarks
-
-In my testing, escaping html is around 10-30x faster than the pure ruby implementations in wide use today.
-While unescaping html is around 40-100x faster than CGI.unescapeHTML which is also pure ruby.
-Escaping Javascript is around 16-30x faster.
-
-This output is from my laptop using the benchmark scripts in the benchmarks folder.
-
-=== HTML
-
-==== Escaping
-
- Rack::Utils.escape_html
-  9.650000   0.090000   9.740000 (  9.750756)
- Haml::Helpers.html_escape
-  9.310000   0.110000   9.420000 (  9.417317)
- ERB::Util.html_escape
-  5.330000   0.390000   5.720000 (  5.748394)
- CGI.escapeHTML
-  5.370000   0.380000   5.750000 (  5.791344)
- FasterHTMLEscape.html_escape
-  0.520000   0.010000   0.530000 (  0.539485)
- fast_xs_extra#fast_xs_html
-  0.310000   0.030000   0.340000 (  0.336734)
- EscapeUtils.escape_html
-  0.200000   0.050000   0.250000 (  0.258839)
-
-==== Unescaping
-
- CGI.unescapeHTML
-  16.520000   0.080000  16.600000 ( 16.853888)
- EscapeUtils.unescape_html
-  0.120000   0.040000   0.160000  (  0.162696)
-
-=== Javascript
-
-==== Escaping
-
- ActionView::Helpers::JavaScriptHelper#escape_javascript
-  3.810000   0.100000   3.910000 (  3.925557)
- EscapeUtils.escape_javascript
-  0.200000   0.040000   0.240000 (  0.236692)
-
-==== Unescaping
-
-I didn't look that hard, but I'm not aware of another ruby library that does Javascript unescaping to benchmark against. Anyone know of any?
-
-=== URL
-
-==== Escaping
-
- ERB::Util.url_encode
-  0.520000   0.010000   0.530000 (  0.529277)
- Rack::Utils.escape
-  0.460000   0.010000   0.470000 (  0.466962)
- CGI.escape
-  0.440000   0.000000   0.440000 (  0.443017)
- URLEscape#escape
-  0.040000   0.000000   0.040000 (  0.045661)
- fast_xs_extra#fast_xs_url
-  0.010000   0.000000   0.010000 (  0.015429)
- EscapeUtils.escape_url
-  0.010000   0.000000   0.010000 (  0.010843)
-
-==== Unescaping
-
- Rack::Utils.unescape
-  0.250000   0.010000   0.260000 (  0.257558)
- CGI.unescape
-  0.250000   0.000000   0.250000 (  0.257837)
- URLEscape#unescape
-  0.040000   0.000000   0.040000 (  0.031548)
- fast_xs_extra#fast_uxs_cgi
-  0.010000   0.000000   0.010000 (  0.006062)
- EscapeUtils.unescape_url
-  0.000000   0.000000   0.000000 (  0.005679)