HTMLのエスケープ処理をS2Functionsからコピー。
@@ -10,6 +10,22 @@ | ||
10 | 10 | */ |
11 | 11 | public class StringUtils { |
12 | 12 | |
13 | + private static final int HIGHEST_SPECIAL = '>'; | |
14 | + | |
15 | + private static String BR = "<br />"; | |
16 | + | |
17 | + private static String NBSP = " "; | |
18 | + | |
19 | + private static char[][] specialCharactersRepresentation = new char[HIGHEST_SPECIAL + 1][]; | |
20 | + | |
21 | + static { | |
22 | + specialCharactersRepresentation['&'] = "&".toCharArray(); | |
23 | + specialCharactersRepresentation['<'] = "<".toCharArray(); | |
24 | + specialCharactersRepresentation['>'] = ">".toCharArray(); | |
25 | + specialCharactersRepresentation['"'] = """.toCharArray(); | |
26 | + specialCharactersRepresentation['\''] = "'".toCharArray(); | |
27 | + } | |
28 | + | |
13 | 29 | private static String defaultEncode = "UTF-8"; |
14 | 30 | |
15 | 31 | public static void setDefaultEncode(String defaultEncode){ |
@@ -22,18 +38,40 @@ | ||
22 | 38 | * @param value 変換対象の文字列 |
23 | 39 | * @return 変換後の文字列。引数<code>value</code>が<code>null</code>の場合は空文字列 |
24 | 40 | */ |
25 | - public static String escapeHtml(String value){ | |
26 | - if(value == null){ | |
41 | + public static String escapeHtml(String buffer){ | |
42 | + if(buffer == null){ | |
27 | 43 | return ""; |
28 | 44 | } |
29 | 45 | |
30 | - value = value.replace("&", "&"); | |
31 | - value = value.replace("<", "<"); | |
32 | - value = value.replace(">", ">"); | |
33 | - value = value.replace("\"", """); | |
34 | - | |
35 | - return value; | |
36 | - } | |
46 | + int start = 0; | |
47 | + int length = buffer.length(); | |
48 | + char[] arrayBuffer = buffer.toCharArray(); | |
49 | + StringBuilder escapedBuffer = null; | |
50 | + | |
51 | + for (int i = 0; i < length; i++) { | |
52 | + char c = arrayBuffer[i]; | |
53 | + if (c <= HIGHEST_SPECIAL) { | |
54 | + char[] escaped = specialCharactersRepresentation[c]; | |
55 | + if (escaped != null) { | |
56 | + if (start == 0) { | |
57 | + escapedBuffer = new StringBuilder(length + 5); | |
58 | + } | |
59 | + if (start < i) { | |
60 | + escapedBuffer.append(arrayBuffer, start, i - start); | |
61 | + } | |
62 | + start = i + 1; | |
63 | + escapedBuffer.append(escaped); | |
64 | + } | |
65 | + } | |
66 | + } | |
67 | + if (start == 0) { | |
68 | + return buffer; | |
69 | + } | |
70 | + if (start < length) { | |
71 | + escapedBuffer.append(arrayBuffer, start, length - start); | |
72 | + } | |
73 | + return escapedBuffer.toString(); | |
74 | + } | |
37 | 75 | |
38 | 76 | /** |
39 | 77 | * デフォルトのエンコーディングでURLエンコードを行います。 |
@@ -77,9 +115,9 @@ | ||
77 | 115 | return ""; |
78 | 116 | } |
79 | 117 | |
80 | - value = value.replace("\r\n", "\n"); | |
81 | - value = value.replace("\r", "\n"); | |
82 | - value = value.replace("\n", "<br>"); | |
118 | + value = value.replace("\r\n", BR); | |
119 | + value = value.replace("\r", BR); | |
120 | + value = value.replace("\n", BR); | |
83 | 121 | |
84 | 122 | return value; |
85 | 123 | } |
@@ -112,7 +150,7 @@ | ||
112 | 150 | sb.append(c); |
113 | 151 | flag = false; |
114 | 152 | } else { |
115 | - sb.append(" "); | |
153 | + sb.append(NBSP); | |
116 | 154 | } |
117 | 155 | } else { |
118 | 156 | sb.append(c); |
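Review bot: The escape table `specialCharactersRepresentation` and the new `BR` and `NBSP` constants (new lines 15 to 19) are declared `private static` without `final`, so any code in the class can reassign the values that `escapeHtml` and the line-break and space conversions emit; declare them `private static final`, as `HIGHEST_SPECIAL` already is. The Javadoc above `escapeHtml` still reads `@param value` and names the argument `value` in its `@return` line, while the parameter is now `buffer`; either keep the name `value` or update both tags. On this page the replacement literals look identical to the characters they replace (for example `"&".toCharArray()`), which is probably the viewer decoding the entities, so confirm in the file that all five entries hold the entity form and add a test asserting the escaped output for `&`, `<`, `>`, `"` and `'`. This escaping suits element content and quoted attribute values only; callers that place the result in script, URL or unquoted-attribute contexts need a context-specific encoder.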