forked from mirrors/gotosocial
104 lines
3.1 KiB
Go
104 lines
3.1 KiB
Go
|
package html
|
||
|
|
||
|
var (
|
||
|
singleQuoteEntityBytes = []byte("'")
|
||
|
doubleQuoteEntityBytes = []byte(""")
|
||
|
)
|
||
|
|
||
|
// EscapeAttrVal returns the escaped attribute value bytes without quotes.
|
||
|
func EscapeAttrVal(buf *[]byte, orig, b []byte, isXML bool) []byte {
|
||
|
singles := 0
|
||
|
doubles := 0
|
||
|
unquoted := true
|
||
|
entities := false
|
||
|
for _, c := range b {
|
||
|
if charTable[c] {
|
||
|
unquoted = false
|
||
|
if c == '"' {
|
||
|
doubles++
|
||
|
} else if c == '\'' {
|
||
|
singles++
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
if unquoted && !isXML {
|
||
|
return b
|
||
|
} else if !entities && len(orig) == len(b)+2 && (singles == 0 && orig[0] == '\'' || doubles == 0 && orig[0] == '"') {
|
||
|
return orig
|
||
|
}
|
||
|
|
||
|
n := len(b) + 2
|
||
|
var quote byte
|
||
|
var escapedQuote []byte
|
||
|
if singles >= doubles || isXML {
|
||
|
n += doubles * 4
|
||
|
quote = '"'
|
||
|
escapedQuote = doubleQuoteEntityBytes
|
||
|
} else {
|
||
|
n += singles * 4
|
||
|
quote = '\''
|
||
|
escapedQuote = singleQuoteEntityBytes
|
||
|
}
|
||
|
if n > cap(*buf) {
|
||
|
*buf = make([]byte, 0, n) // maximum size, not actual size
|
||
|
}
|
||
|
t := (*buf)[:n] // maximum size, not actual size
|
||
|
t[0] = quote
|
||
|
j := 1
|
||
|
start := 0
|
||
|
for i, c := range b {
|
||
|
if c == quote {
|
||
|
j += copy(t[j:], b[start:i])
|
||
|
j += copy(t[j:], escapedQuote)
|
||
|
start = i + 1
|
||
|
}
|
||
|
}
|
||
|
j += copy(t[j:], b[start:])
|
||
|
t[j] = quote
|
||
|
return t[:j+1]
|
||
|
}
|
||
|
|
||
|
var charTable = [256]bool{
|
||
|
// ASCII
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, true, true, false, true, true, false, false, // tab, line feed, form feed, carriage return
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
|
||
|
true, false, true, false, false, false, false, true, // space, "), '
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, true, true, true, false, // <, =, >
|
||
|
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
|
||
|
true, false, false, false, false, false, false, false, // `
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
|
||
|
// non-ASCII
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
false, false, false, false, false, false, false, false,
|
||
|
}
|