escape_utils 0.2.4 → 0.3.0

data/ext/escape_utils/houdini_uri.c

@@ -1,130 +0,0 @@
-#include <assert.h>
-#include <stdio.h>
-#include <string.h>
-
-#include "houdini.h"
-#include "uri_escape.h"
-
-#define ESCAPE_GROW_FACTOR(x) (((x) * 12) / 10)
-#define UNESCAPE_GROW_FACTOR(x) (x)
-
-extern int _isxdigit(int c);
-
-static void
-escape(struct buf *ob, const uint8_t *src, size_t size, int is_url)
-{
-	static const char hex_chars[] = "0123456789ABCDEF";
-	const char *safe_table = is_url ? URL_SAFE : URI_SAFE;
-
-	size_t  i = 0, org;
-	char hex_str[3];
-
-	bufgrow(ob, ESCAPE_GROW_FACTOR(size));
-	hex_str[0] = '%';
-
-	while (i < size) {
-		org = i;
-		while (i < size && safe_table[src[i]] != 0)
-			i++;
-
-		if (i > org)
-			bufput(ob, src + org, i - org);
-
-		/* escaping */
-		if (i >= size)
-			break;
-
-		if (src[i] == ' ' && is_url) {
-			bufputc(ob, '+');
-		} else {
-			hex_str[1] = hex_chars[(src[i] >> 4) & 0xF];
-			hex_str[2] = hex_chars[src[i] & 0xF];
-			bufput(ob, hex_str, 3);
-		}
-
-		i++;
-	}
-}
-
-#define hex2c(c) ((c | 32) % 39 - 9)
-
-static void
-unescape(struct buf *ob, const uint8_t *src, size_t size, int is_url)
-{
-	size_t  i = 0, org;
-
-	bufgrow(ob, UNESCAPE_GROW_FACTOR(size));
-
-	while (i < size) {
-		org = i;
-		while (i < size && src[i] != '%')
-			i++;
-
-		if (i > org)
-			bufput(ob, src + org, i - org);
-
-		/* escaping */
-		if (i >= size)
-			break;
-
-		i++;
-
-		if (i + 1 < size && _isxdigit(src[i]) && _isxdigit(src[i + 1])) {
-			unsigned char new_char = (hex2c(src[i]) << 4) + hex2c(src[i + 1]);
-			bufputc(ob, new_char);
-			i += 2;
-		} else {
-			bufputc(ob, '%');
-		}
-	}
-
-	if (is_url) {
-		char *find = (char *)bufcstr(ob);
-		while ((find = strchr(find, '+')) != NULL)
-			*find = ' ';
-	}
-}
-
-
-void
-houdini_escape_uri(struct buf *ob, const uint8_t *src, size_t size)
-{
-	return escape(ob, src, size, 0);
-}
-
-void
-houdini_escape_url(struct buf *ob, const uint8_t *src, size_t size)
-{
-	return escape(ob, src, size, 1);
-}
-
-void
-houdini_unescape_uri(struct buf *ob, const uint8_t *src, size_t size)
-{
-	return unescape(ob, src, size, 0);
-}
-
-void
-houdini_unescape_url(struct buf *ob, const uint8_t *src, size_t size)
-{
-	return unescape(ob, src, size, 1);
-}
-
-
-
-//#define TEST
-#ifdef TEST
-
-int main()
-{
-	const char TEST_STRING[] = "http% this \200 is a test";
-	struct buf *buffer;
-
-	buffer = bufnew(128);
-	houdini_escape_uri(buffer, TEST_STRING, strlen(TEST_STRING));
-	printf("Result: %.*s\n", (int)buffer->size, buffer->data);
-	bufrelease(buffer);
-	return 0;
-}
-#endif
-

data/spec/html/escape_spec.rb

@@ -1,42 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
-
-describe EscapeUtils, "escape_html" do
-  it "should respond to escape_html" do
-    EscapeUtils.should respond_to(:escape_html)
-  end
-
-  it "should escape a basic html tag, also escaping the '/' character if the secure parameter is true" do
-    EscapeUtils.escape_html("<some_tag/>").should eql("&lt;some_tag&#47;&gt;")
-  end
-
-  it "should escape a basic html tag, not escaping the '/' character if the secure parameter is false" do
-    EscapeUtils.escape_html("<some_tag/>", false).should eql("&lt;some_tag/&gt;")
-  end
-
-  it "should escape a basic html tag, not escaping the '/' character if EscapeUtils.html_secure is false" do
-    EscapeUtils.html_secure = false
-    EscapeUtils.escape_html("<some_tag/>").should eql("&lt;some_tag/&gt;")
-    EscapeUtils.html_secure = true
-  end
-
-  it "should escape double-quotes" do
-    EscapeUtils.escape_html("<some_tag some_attr=\"some value\"/>").should eql("&lt;some_tag some_attr=&quot;some value&quot;&#47;&gt;")
-  end
-
-  it "should escape single-quotes" do
-    EscapeUtils.escape_html("<some_tag some_attr='some value'/>").should eql("&lt;some_tag some_attr=&#39;some value&#39;&#47;&gt;")
-  end
-
-  it "should escape the & character" do
-    EscapeUtils.escape_html("<b>Bourbon & Branch</b>").should eql("&lt;b&gt;Bourbon &amp; Branch&lt;&#47;b&gt;")
-  end
-
-  if RUBY_VERSION =~ /^1.9/
-    it "return value should be in original string's encoding" do
-      str = "<b>Bourbon & Branch</b>".encode('us-ascii')
-      EscapeUtils.escape_html(str).encoding.should eql(Encoding.find('us-ascii'))
-      str = "<b>Bourbon & Branch</b>".encode('utf-8')
-      EscapeUtils.escape_html(str).encoding.should eql(Encoding.find('utf-8'))
-    end
-  end
-end

data/spec/html/unescape_spec.rb

@@ -1,37 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
-
-describe EscapeUtils, "unescape_html" do
-  it "should respond to unescape_html" do
-    EscapeUtils.should respond_to(:unescape_html)
-  end
-
-  it "should unescape a basic html tag" do
-    EscapeUtils.unescape_html("&lt;some_tag&#47;&gt;").should eql("<some_tag/>")
-  end
-
-  it "should unescape double-quotes" do
-    EscapeUtils.unescape_html("&lt;some_tag some_attr=&quot;some value&quot;&#47;&gt;").should eql("<some_tag some_attr=\"some value\"/>")
-  end
-
-  it "should unescape single-quotes" do
-    EscapeUtils.unescape_html("&lt;some_tag some_attr=&#39;some value&#39;&#47;&gt;").should eql("<some_tag some_attr='some value'/>")
-  end
-
-  it "should unescape the & character" do
-    EscapeUtils.unescape_html("&lt;b&gt;Bourbon &amp; Branch&lt;&#47;b&gt;").should eql("<b>Bourbon & Branch</b>")
-  end
-
-  it "should pass through incompletely escaped tags" do
-    EscapeUtils.unescape_html("&").should eql("&")
-    EscapeUtils.unescape_html("&lt").should eql("&lt")
-  end
-
-  if RUBY_VERSION =~ /^1.9/
-    it "return value should be in original string's encoding" do
-      str = "&lt;b&gt;Bourbon &amp; Branch&lt;/b&gt;".encode('us-ascii')
-      EscapeUtils.unescape_html(str).encoding.should eql(Encoding.find('us-ascii'))
-      str = "&lt;b&gt;Bourbon &amp; Branch&lt;/b&gt;".encode('utf-8')
-      EscapeUtils.unescape_html(str).encoding.should eql(Encoding.find('utf-8'))
-    end
-  end
-end

data/spec/html_safety_spec.rb

@@ -1,48 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/spec_helper.rb')
-
-class Object
-  def html_safe?
-    false
-  end
-end
-
-class TestSafeBuffer < String
-  def html_safe?
-    true
-  end
-
-  def html_safe
-    self
-  end
-
-  def to_s
-    self
-  end
-end
-
-class String
-  def html_safe
-    TestSafeBuffer.new(self)
-  end
-end
-
-include EscapeUtils::HtmlSafety
-
-describe EscapeUtils::HtmlSafety do
-
-  it "should escape unsafe strings and make them safe" do
-    escaped = _escape_html("<strong>unsafe</strong>")
-    escaped.should eql("&lt;strong&gt;unsafe&lt;&#47;strong&gt;")
-    escaped.should be_html_safe
-  end
-
-  it "shouldn't escape safe strings" do
-    _escape_html("<p>safe string</p>".html_safe).should eql("<p>safe string</p>")
-  end
-
-  it "should work with non strings" do
-    _escape_html(5).should eql("5")
-    _escape_html(:hello).should eql("hello")
-  end
-
-end

data/spec/javascript/escape_spec.rb

@@ -1,34 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
-
-describe EscapeUtils, "escape_javascript" do
-  it "should respond to escape_javascript" do
-    EscapeUtils.should respond_to(:escape_javascript)
-  end
-
-  # these are from the ActionView tests
-  it "should return an empty string if passed nil" do
-    EscapeUtils.escape_javascript(nil).should eql("")
-  end
-
-  it "should escape quotes and newlines" do
-    EscapeUtils.escape_javascript(%(This "thing" is really\n netos\r\n\n')).should eql(%(This \\"thing\\" is really\\n netos\\n\\n\\'))
-  end
-
-  it "should escape backslashes" do
-    EscapeUtils.escape_javascript(%(backslash\\test)).should eql(%(backslash\\\\test))
-  end
-
-  it "should escape closed html tags" do
-    EscapeUtils.escape_javascript(%(keep <open>, but dont </close> tags)).should eql(%(keep <open>, but dont <\\/close> tags))
-  end
-
-  if RUBY_VERSION =~ /^1.9/
-    it "return value should be in original string's encoding" do
-      str = "dont </close> tags".encode('us-ascii')
-      EscapeUtils.escape_javascript(str).encoding.should eql(Encoding.find('us-ascii'))
-      str = "dont </close> tags".encode('utf-8')
-      EscapeUtils.escape_javascript(str).encoding.should eql(Encoding.find('utf-8'))
-    end
-  end
-end
-

data/spec/javascript/unescape_spec.rb

@@ -1,37 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
-
-describe EscapeUtils, "unescape_javascript" do
-  it "should respond to unescape_javascript" do
-    EscapeUtils.should respond_to(:unescape_javascript)
-  end
-
-  # these are from the ActionView tests
-  it "should return an empty string if passed nil" do
-    EscapeUtils.unescape_javascript(nil).should eql("")
-  end
-
-  it "should unescape quotes and newlines" do
-    EscapeUtils.unescape_javascript(%(This \\"thing\\" is really\\n netos\\n\\n\\')).should eql(%(This "thing" is really\n netos\n\n'))
-  end
-
-  it "should unescape backslashes" do
-    EscapeUtils.unescape_javascript(%(backslash\\\\test)).should eql(%(backslash\\test))
-  end
-
-  it "should unescape closed html tags" do
-    EscapeUtils.unescape_javascript(%(dont <\\/close> tags)).should eql(%(dont </close> tags))
-  end
-
-  it "should pass through standalone '\'" do
-    EscapeUtils.unescape_javascript("\\").should eql("\\")
-  end
-
-  if RUBY_VERSION =~ /^1.9/
-    it "return value should be in original string's encoding" do
-      str = "dont <\\/close> tags".encode('us-ascii')
-      EscapeUtils.unescape_javascript(str).encoding.should eql(Encoding.find('us-ascii'))
-      str = "dont <\\/close> tags".encode('utf-8')
-      EscapeUtils.unescape_javascript(str).encoding.should eql(Encoding.find('utf-8'))
-    end
-  end
-end

data/spec/query/escape_spec.rb

@@ -1,44 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
-
-describe EscapeUtils, "escape_url" do
-  it "should respond to escape_url" do
-    EscapeUtils.should respond_to(:escape_url)
-  end
-
-  it "should escape a basic url" do
-    EscapeUtils.escape_url("http://www.homerun.com/").should eql("http%3A%2F%2Fwww.homerun.com%2F")
-  end
-
-  # NOTE: from Rack's test suite
-  it "should escape a url containing tags" do
-    EscapeUtils.escape_url("fo<o>bar").should eql("fo%3Co%3Ebar")
-  end
-
-  # NOTE: from Rack's test suite
-  it "should escape a url with spaces" do
-    EscapeUtils.escape_url("a space").should eql("a+space")
-    EscapeUtils.escape_url("a   sp ace ").should eql("a+++sp+ace+")
-  end
-
-  # NOTE: from Rack's test suite
-  it "should escape a string of mixed characters" do
-    EscapeUtils.escape_url("q1!2\"'w$5&7/z8)?\\").should eql("q1%212%22%27w%245%267%2Fz8%29%3F%5C")
-  end
-
-  # NOTE: from Rack's test suite
-  it "should escape correctly for multibyte characters" do
-    matz_name = "\xE3\x81\xBE\xE3\x81\xA4\xE3\x82\x82\xE3\x81\xA8" # Matsumoto
-    EscapeUtils.escape_url(matz_name).should eql('%E3%81%BE%E3%81%A4%E3%82%82%E3%81%A8')
-    matz_name_sep = "\xE3\x81\xBE\xE3\x81\xA4 \xE3\x82\x82\xE3\x81\xA8" # Matsu moto
-    EscapeUtils.escape_url(matz_name_sep).should eql('%E3%81%BE%E3%81%A4+%E3%82%82%E3%81%A8')
-  end
-
-  if RUBY_VERSION =~ /^1.9/
-    it "return value should be in original string's encoding" do
-      str = "http://www.homerun.com/".encode('us-ascii')
-      EscapeUtils.escape_url(str).encoding.should eql(Encoding.find('us-ascii'))
-      str = "http://www.homerun.com/".encode('utf-8')
-      EscapeUtils.escape_url(str).encoding.should eql(Encoding.find('utf-8'))
-    end
-  end
-end

data/spec/query/unescape_spec.rb

@@ -1,46 +0,0 @@
-# encoding: UTF-8
-
-require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
-
-describe EscapeUtils, "unescape_url" do
-  it "should respond to unescape_url" do
-    EscapeUtils.should respond_to(:unescape_url)
-  end
-
-  it "should unescape a basic url" do
-    EscapeUtils.unescape_url("http%3A%2F%2Fwww.homerun.com%2F").should eql("http://www.homerun.com/")
-  end
-
-  # NOTE: from Rack's test suite
-  it "should unescape a url containing tags" do
-    EscapeUtils.unescape_url("fo%3Co%3Ebar").should eql("fo<o>bar")
-  end
-
-  # NOTE: from Rack's test suite
-  it "should unescape a url with spaces" do
-    EscapeUtils.unescape_url("a+space").should eql("a space")
-    EscapeUtils.unescape_url("a+++sp+ace+").should eql("a   sp ace ")
-  end
-
-  # NOTE: from Rack's test suite
-  it "should unescape a string of mixed characters" do
-    EscapeUtils.unescape_url("q1%212%22%27w%245%267%2Fz8%29%3F%5C").should eql("q1!2\"'w$5&7/z8)?\\")
-  end
-
-  # NOTE: from Rack's test suite
-  it "should unescape correctly for multibyte characters" do
-    matz_name = "\xE3\x81\xBE\xE3\x81\xA4\xE3\x82\x82\xE3\x81\xA8" # Matsumoto
-    EscapeUtils.unescape_url('%E3%81%BE%E3%81%A4%E3%82%82%E3%81%A8').should eql(matz_name)
-    matz_name_sep = "\xE3\x81\xBE\xE3\x81\xA4 \xE3\x82\x82\xE3\x81\xA8" # Matsu moto
-    EscapeUtils.unescape_url('%E3%81%BE%E3%81%A4+%E3%82%82%E3%81%A8').should eql(matz_name_sep)
-  end
-
-  if RUBY_VERSION =~ /^1.9/
-    it "return value should be in original string's encoding" do
-      str = "http%3A%2F%2Fwww.homerun.com%2F".encode('us-ascii')
-      EscapeUtils.unescape_url(str).encoding.should eql(Encoding.find('us-ascii'))
-      str = "http%3A%2F%2Fwww.homerun.com%2F".encode('utf-8')
-      EscapeUtils.unescape_url(str).encoding.should eql(Encoding.find('utf-8'))
-    end
-  end
-end

data/spec/rcov.opts

@@ -1,3 +0,0 @@
---exclude spec,gem
---text-summary
---sort coverage --sort-reverse

data/spec/spec_helper.rb

@@ -1,5 +0,0 @@
-$LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/..')
-$LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/../lib')
-
-require 'rspec'
-require 'escape_utils'

data/spec/uri/escape_spec.rb

@@ -1,43 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
-require 'uri'
-
-describe EscapeUtils, "escape_uri" do
-  it "should respond to escape_uri" do
-    EscapeUtils.should respond_to(:escape_uri)
-  end
-
-  it "should escape each byte exactly like URI.escape" do
-    (0..255).each do |i|
-      c = i.chr
-      EscapeUtils.escape_uri(c).should eql(URI.escape(c))
-    end
-  end
-
-  # NOTE: from Rack's test suite
-  it "should escape a url containing tags" do
-    EscapeUtils.escape_uri("fo<o>bar").should eql("fo%3Co%3Ebar")
-  end
-
-  # NOTE: from Rack's test suite
-  it "should escape a url with spaces" do
-    EscapeUtils.escape_uri("a space").should eql("a%20space")
-    EscapeUtils.escape_uri("a   sp ace ").should eql("a%20%20%20sp%20ace%20")
-  end
-
-  # NOTE: from Rack's test suite
-  it "should escape correctly for multibyte characters" do
-    matz_name = "\xE3\x81\xBE\xE3\x81\xA4\xE3\x82\x82\xE3\x81\xA8" # Matsumoto
-    EscapeUtils.escape_uri(matz_name).should eql('%E3%81%BE%E3%81%A4%E3%82%82%E3%81%A8')
-    matz_name_sep = "\xE3\x81\xBE\xE3\x81\xA4 \xE3\x82\x82\xE3\x81\xA8" # Matsu moto
-    EscapeUtils.escape_uri(matz_name_sep).should eql('%E3%81%BE%E3%81%A4%20%E3%82%82%E3%81%A8')
-  end
-
-  if RUBY_VERSION =~ /^1.9/
-    it "return value should be in original string's encoding" do
-      str = "http://www.homerun.com/".encode('us-ascii')
-      EscapeUtils.escape_uri(str).encoding.should eql(Encoding.find('us-ascii'))
-      str = "http://www.homerun.com/".encode('utf-8')
-      EscapeUtils.escape_uri(str).encoding.should eql(Encoding.find('utf-8'))
-    end
-  end
-end