-
-
Notifications
You must be signed in to change notification settings - Fork 4.2k
/
string.js
119 lines (100 loc) · 2.72 KB
/
string.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
/**
@module ember
@submodule ember-glimmer
*/
import { isFeatureEnabled, deprecate } from 'ember-metal';
export class SafeString {
constructor(string) {
this.string = string;
}
toString() {
return `${this.string}`;
}
toHTML() {
return this.toString();
}
}
export function getSafeString() {
deprecate(
'Ember.Handlebars.SafeString is deprecated in favor of Ember.String.htmlSafe',
!isFeatureEnabled('ember-string-ishtmlsafe'),
{
id: 'ember-htmlbars.ember-handlebars-safestring',
until: '3.0.0',
url: 'http://emberjs.com/deprecations/v2.x#toc_use-ember-string-htmlsafe-over-ember-handlebars-safestring'
}
);
return SafeString;
}
const escape = {
'&': '&',
'<': '<',
'>': '>',
'"': '"',
// jscs:disable
"'": ''',
// jscs:enable
'`': '`',
'=': '='
};
const possible = /[&<>"'`=]/;
const badChars = /[&<>"'`=]/g;
function escapeChar(chr) {
return escape[chr];
}
export function escapeExpression(string) {
if (typeof string !== 'string') {
// don't escape SafeStrings, since they're already safe
if (string && string.toHTML) {
return string.toHTML();
} else if (string == null) {
return '';
} else if (!string) {
return string + '';
}
// Force a string conversion as this will be done by the append regardless and
// the regex test will do this transparently behind the scenes, causing issues if
// an object's to string has escaped characters in it.
string = '' + string;
}
if (!possible.test(string)) { return string; }
return string.replace(badChars, escapeChar);
}
/**
Mark a string as safe for unescaped output with Ember templates. If you
return HTML from a helper, use this function to
ensure Ember's rendering layer does not escape the HTML.
```javascript
Ember.String.htmlSafe('<div>someString</div>')
```
@method htmlSafe
@for Ember.String
@static
@return {Handlebars.SafeString} A string that will not be HTML escaped by Handlebars.
@public
*/
export function htmlSafe(str) {
if (str === null || str === undefined) {
str = '';
} else if (typeof str !== 'string') {
str = '' + str;
}
return new SafeString(str);
}
/**
Detects if a string was decorated using `Ember.String.htmlSafe`.
```javascript
var plainString = 'plain string',
safeString = Ember.String.htmlSafe('<div>someValue</div>');
Ember.String.isHTMLSafe(plainString); // false
Ember.String.isHTMLSafe(safeString); // true
```
@method isHTMLSafe
@for Ember.String
@static
@return {Boolean} `true` if the string was decorated with `htmlSafe`, `false` otherwise.
@public
*/
export function isHTMLSafe(str) {
return str && typeof str.toHTML === 'function';
}