MCPcopy
hub / github.com/google/guava / XmlEscapers

Class XmlEscapers

guava/src/com/google/common/xml/XmlEscapers.java:40–140  ·  view source on GitHub ↗

{@code Escaper} instances suitable for strings to be included in XML attribute values and elements' text contents. When possible, avoid manual escaping by using templating systems and high-level APIs that provide autoescaping. For example, consider <a href="http://www.xom.nu/">XOM</a>. <p><b>Note:<

Source from the content-addressed store, hash-verified

38 * @since 15.0
39 */
40@GwtCompatible
41public class XmlEscapers {
42 private XmlEscapers() {}
43
44 private static final char MIN_ASCII_CONTROL_CHAR = 0x00;
45 private static final char MAX_ASCII_CONTROL_CHAR = 0x1F;
46
47 // For each xxxEscaper() method, please add links to external reference pages
48 // that are considered authoritative for the behavior of that escaper.
49
50 /**
51 * Returns an {@link Escaper} instance that escapes special characters in a string so it can
52 * safely be included in an XML document as element content. See section <a
53 * href="http://www.w3.org/TR/2008/REC-xml-20081126/#syntax">2.4</a> of the XML specification.
54 *
55 * <p><b>Note:</b> Double and single quotes are not escaped, so it is <b>not safe</b> to use this
56 * escaper to escape attribute values. Use {@link #xmlContentEscaper} if the output can appear in
57 * element content or {@link #xmlAttributeEscaper} in attribute values.
58 *
59 * <p>This escaper substitutes {@code 0xFFFD} for non-whitespace control characters and the
60 * character values {@code 0xFFFE} and {@code 0xFFFF} which are not permitted in XML. For more
61 * detail see section <a href="http://www.w3.org/TR/2008/REC-xml-20081126/#charsets">2.2</a> of
62 * the XML specification.
63 *
64 * <p>This escaper does not escape non-ASCII characters to their numeric character references
65 * (NCR). Any non-ASCII characters appearing in the input will be preserved in the output.
66 * Specifically "\r" (carriage return) is preserved in the output, which may result in it being
67 * silently converted to "\n" when the XML is parsed.
68 *
69 * <p>This escaper does not treat surrogate pairs specially and does not perform Unicode
70 * validation on its input.
71 */
72 public static Escaper xmlContentEscaper() {
73 return XML_CONTENT_ESCAPER;
74 }
75
76 /**
77 * Returns an {@link Escaper} instance that escapes special characters in a string so it can
78 * safely be included in XML document as an attribute value. See section <a
79 * href="http://www.w3.org/TR/2008/REC-xml-20081126/#AVNormalize">3.3.3</a> of the XML
80 * specification.
81 *
82 * <p>This escaper substitutes {@code 0xFFFD} for non-whitespace control characters and the
83 * character values {@code 0xFFFE} and {@code 0xFFFF} which are not permitted in XML. For more
84 * detail see section <a href="http://www.w3.org/TR/2008/REC-xml-20081126/#charsets">2.2</a> of
85 * the XML specification.
86 *
87 * <p>This escaper does not escape non-ASCII characters to their numeric character references
88 * (NCR). However, horizontal tab {@code '\t'}, line feed {@code '\n'} and carriage return {@code
89 * '\r'} are escaped to a corresponding NCR {@code "&#x9;"}, {@code "&#xA;"}, and {@code "&#xD;"}
90 * respectively. Any other non-ASCII characters appearing in the input will be preserved in the
91 * output.
92 *
93 * <p>This escaper does not treat surrogate pairs specially and does not perform Unicode
94 * validation on its input.
95 */
96 @SuppressWarnings("EscapedEntity") // We do mean for the user to see &#x9;" etc.
97 public static Escaper xmlAttributeEscaper() {

Callers

nothing calls this directly

Calls 5

builderMethod · 0.95
setSafeRangeMethod · 0.45
setUnsafeReplacementMethod · 0.45
addEscapeMethod · 0.45
buildMethod · 0.45

Tested by

no test coverage detected