|
|
@@ -1,62 +1,62 @@
|
|
|
-//package com.style24.core.support.text;
|
|
|
-//
|
|
|
-//import java.util.Collections;
|
|
|
-//import java.util.HashMap;
|
|
|
-//import java.util.Map;
|
|
|
-//
|
|
|
-//import org.apache.commons.text.translate.AggregateTranslator;
|
|
|
-//import org.apache.commons.text.translate.CharSequenceTranslator;
|
|
|
-//import org.apache.commons.text.translate.EntityArrays;
|
|
|
-//import org.apache.commons.text.translate.LookupTranslator;
|
|
|
-//
|
|
|
-//import com.fasterxml.jackson.core.SerializableString;
|
|
|
-//import com.fasterxml.jackson.core.io.CharacterEscapes;
|
|
|
-//import com.fasterxml.jackson.core.io.SerializedString;
|
|
|
-//
|
|
|
-//@SuppressWarnings("serial")
|
|
|
-//public class TscHtmlCharacterEscapes extends CharacterEscapes {
|
|
|
-//
|
|
|
-// private final int[] asciiEscapes;
|
|
|
-//
|
|
|
-// private final CharSequenceTranslator translator;
|
|
|
-//
|
|
|
-// public TscHtmlCharacterEscapes() {
|
|
|
-// // XSS 방지 처리할 특수 문자 지정
|
|
|
-// asciiEscapes = CharacterEscapes.standardAsciiEscapesForJSON();
|
|
|
-// asciiEscapes['<'] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
-// asciiEscapes['>'] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
-// asciiEscapes['&'] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
-// asciiEscapes['\"'] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
-//// asciiEscapes['('] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
-//// asciiEscapes[')'] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
-//// asciiEscapes['#'] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
-// asciiEscapes['\''] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
-//
|
|
|
-// Map<CharSequence, CharSequence> lookupMap = new HashMap<>();
|
|
|
-// lookupMap.put("(", "(");
|
|
|
-// lookupMap.put(")", ")");
|
|
|
-// lookupMap.put("#", "#");
|
|
|
-// lookupMap.put("\\", "'");
|
|
|
-// Map<CharSequence, CharSequence> CUSTOM_ESCAPE = Collections.unmodifiableMap(lookupMap);
|
|
|
-//
|
|
|
-// // XSS 방지 처리 특수문자 인코딩 값 지정
|
|
|
-// this.translator = new AggregateTranslator(
|
|
|
-// new LookupTranslator(EntityArrays.BASIC_ESCAPE), // <, >, &, "는 여기에 포함
|
|
|
-// new LookupTranslator(EntityArrays.ISO8859_1_ESCAPE),
|
|
|
-// new LookupTranslator(EntityArrays.HTML40_EXTENDED_ESCAPE),
|
|
|
-// new LookupTranslator(CUSTOM_ESCAPE));
|
|
|
-// }
|
|
|
-//
|
|
|
-// @Override
|
|
|
-// public int[] getEscapeCodesForAscii() {
|
|
|
-// return asciiEscapes;
|
|
|
-// }
|
|
|
-//
|
|
|
-// @Override
|
|
|
-// public SerializableString getEscapeSequence(int ch) {
|
|
|
-// return new SerializedString(translator.translate(Character.toString((char)ch)));
|
|
|
-// // 커스터마이징이 필요 없다면 아래걸 그대로 사용
|
|
|
-//// return new SerializedString(StringEscapeUtils.escapeHtml4(Character.toString((char)ch)));
|
|
|
-// }
|
|
|
-//
|
|
|
-//}
|
|
|
+package com.style24.core.support.text;
|
|
|
+
|
|
|
+import java.util.Collections;
|
|
|
+import java.util.HashMap;
|
|
|
+import java.util.Map;
|
|
|
+
|
|
|
+import org.apache.commons.text.translate.AggregateTranslator;
|
|
|
+import org.apache.commons.text.translate.CharSequenceTranslator;
|
|
|
+import org.apache.commons.text.translate.EntityArrays;
|
|
|
+import org.apache.commons.text.translate.LookupTranslator;
|
|
|
+
|
|
|
+import com.fasterxml.jackson.core.SerializableString;
|
|
|
+import com.fasterxml.jackson.core.io.CharacterEscapes;
|
|
|
+import com.fasterxml.jackson.core.io.SerializedString;
|
|
|
+
|
|
|
+@SuppressWarnings("serial")
|
|
|
+public class TscHtmlCharacterEscapes extends CharacterEscapes {
|
|
|
+
|
|
|
+ private final int[] asciiEscapes;
|
|
|
+
|
|
|
+ private final CharSequenceTranslator translator;
|
|
|
+
|
|
|
+ public TscHtmlCharacterEscapes() {
|
|
|
+ // XSS 방지 처리할 특수 문자 지정
|
|
|
+ asciiEscapes = CharacterEscapes.standardAsciiEscapesForJSON();
|
|
|
+ asciiEscapes['<'] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
+ asciiEscapes['>'] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
+ asciiEscapes['&'] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
+ asciiEscapes['\"'] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
+// asciiEscapes['('] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
+// asciiEscapes[')'] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
+// asciiEscapes['#'] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
+ asciiEscapes['\''] = CharacterEscapes.ESCAPE_CUSTOM;
|
|
|
+
|
|
|
+ Map<CharSequence, CharSequence> lookupMap = new HashMap<>();
|
|
|
+ lookupMap.put("(", "(");
|
|
|
+ lookupMap.put(")", ")");
|
|
|
+ lookupMap.put("#", "#");
|
|
|
+ lookupMap.put("\\", "'");
|
|
|
+ Map<CharSequence, CharSequence> CUSTOM_ESCAPE = Collections.unmodifiableMap(lookupMap);
|
|
|
+
|
|
|
+ // XSS 방지 처리 특수문자 인코딩 값 지정
|
|
|
+ this.translator = new AggregateTranslator(
|
|
|
+ new LookupTranslator(EntityArrays.BASIC_ESCAPE), // <, >, &, "는 여기에 포함
|
|
|
+ new LookupTranslator(EntityArrays.ISO8859_1_ESCAPE),
|
|
|
+ new LookupTranslator(EntityArrays.HTML40_EXTENDED_ESCAPE),
|
|
|
+ new LookupTranslator(CUSTOM_ESCAPE));
|
|
|
+ }
|
|
|
+
|
|
|
+ @Override
|
|
|
+ public int[] getEscapeCodesForAscii() {
|
|
|
+ return asciiEscapes;
|
|
|
+ }
|
|
|
+
|
|
|
+ @Override
|
|
|
+ public SerializableString getEscapeSequence(int ch) {
|
|
|
+ return new SerializedString(translator.translate(Character.toString((char)ch)));
|
|
|
+ // 커스터마이징이 필요 없다면 아래걸 그대로 사용
|
|
|
+// return new SerializedString(StringEscapeUtils.escapeHtml4(Character.toString((char)ch)));
|
|
|
+ }
|
|
|
+
|
|
|
+}
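Review bot: The apostrophe is flagged `ESCAPE_CUSTOM` in the constructor (`asciiEscapes['\'']`), but none of the tables passed to the `AggregateTranslator` appears to have `'` as a key: as displayed, the custom entry is keyed on a backslash (`lookupMap.put("\\", "'")`), and as far as I know `EntityArrays.BASIC_ESCAPE` covers only `"`, `&`, `<` and `>`. `getEscapeSequence` would then hand the apostrophe back unchanged, so a value that ends up inside a single-quoted HTML attribute gets no protection from this class. If an entity is intended, key the entry on the character itself, e.g. `lookupMap.put("'", "&#39;");`. The page rendering may have decoded entities inside these string literals, so confirm against the file itself. The `(`, `)` and `#` entries map each character to itself as shown, and their `asciiEscapes` lines are commented out, so they look inert; either enable them with real entity values or remove them.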
|