escape-html.js
8.59 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
this["wp"] = this["wp"] || {}; this["wp"]["escapeHtml"] =
/******/ (function(modules) { // webpackBootstrap
/******/ // The module cache
/******/ var installedModules = {};
/******/
/******/ // The require function
/******/ function __webpack_require__(moduleId) {
/******/
/******/ // Check if module is in cache
/******/ if(installedModules[moduleId]) {
/******/ return installedModules[moduleId].exports;
/******/ }
/******/ // Create a new module (and put it into the cache)
/******/ var module = installedModules[moduleId] = {
/******/ i: moduleId,
/******/ l: false,
/******/ exports: {}
/******/ };
/******/
/******/ // Execute the module function
/******/ modules[moduleId].call(module.exports, module, module.exports, __webpack_require__);
/******/
/******/ // Flag the module as loaded
/******/ module.l = true;
/******/
/******/ // Return the exports of the module
/******/ return module.exports;
/******/ }
/******/
/******/
/******/ // expose the modules object (__webpack_modules__)
/******/ __webpack_require__.m = modules;
/******/
/******/ // expose the module cache
/******/ __webpack_require__.c = installedModules;
/******/
/******/ // define getter function for harmony exports
/******/ __webpack_require__.d = function(exports, name, getter) {
/******/ if(!__webpack_require__.o(exports, name)) {
/******/ Object.defineProperty(exports, name, { enumerable: true, get: getter });
/******/ }
/******/ };
/******/
/******/ // define __esModule on exports
/******/ __webpack_require__.r = function(exports) {
/******/ if(typeof Symbol !== 'undefined' && Symbol.toStringTag) {
/******/ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
/******/ }
/******/ Object.defineProperty(exports, '__esModule', { value: true });
/******/ };
/******/
/******/ // create a fake namespace object
/******/ // mode & 1: value is a module id, require it
/******/ // mode & 2: merge all properties of value into the ns
/******/ // mode & 4: return value when already ns object
/******/ // mode & 8|1: behave like require
/******/ __webpack_require__.t = function(value, mode) {
/******/ if(mode & 1) value = __webpack_require__(value);
/******/ if(mode & 8) return value;
/******/ if((mode & 4) && typeof value === 'object' && value && value.__esModule) return value;
/******/ var ns = Object.create(null);
/******/ __webpack_require__.r(ns);
/******/ Object.defineProperty(ns, 'default', { enumerable: true, value: value });
/******/ if(mode & 2 && typeof value != 'string') for(var key in value) __webpack_require__.d(ns, key, function(key) { return value[key]; }.bind(null, key));
/******/ return ns;
/******/ };
/******/
/******/ // getDefaultExport function for compatibility with non-harmony modules
/******/ __webpack_require__.n = function(module) {
/******/ var getter = module && module.__esModule ?
/******/ function getDefault() { return module['default']; } :
/******/ function getModuleExports() { return module; };
/******/ __webpack_require__.d(getter, 'a', getter);
/******/ return getter;
/******/ };
/******/
/******/ // Object.prototype.hasOwnProperty.call
/******/ __webpack_require__.o = function(object, property) { return Object.prototype.hasOwnProperty.call(object, property); };
/******/
/******/ // __webpack_public_path__
/******/ __webpack_require__.p = "";
/******/
/******/
/******/ // Load entry module and return exports
/******/ return __webpack_require__(__webpack_require__.s = "IsfW");
/******/ })
/************************************************************************/
/******/ ({
/***/ "IsfW":
/***/ (function(module, __webpack_exports__, __webpack_require__) {
"use strict";
// ESM COMPAT FLAG
__webpack_require__.r(__webpack_exports__);
// EXPORTS
__webpack_require__.d(__webpack_exports__, "escapeAmpersand", function() { return /* binding */ escapeAmpersand; });
__webpack_require__.d(__webpack_exports__, "escapeQuotationMark", function() { return /* binding */ escapeQuotationMark; });
__webpack_require__.d(__webpack_exports__, "escapeLessThan", function() { return /* binding */ escapeLessThan; });
__webpack_require__.d(__webpack_exports__, "escapeAttribute", function() { return /* binding */ escapeAttribute; });
__webpack_require__.d(__webpack_exports__, "escapeHTML", function() { return /* binding */ escapeHTML; });
__webpack_require__.d(__webpack_exports__, "escapeEditableHTML", function() { return /* binding */ escapeEditableHTML; });
__webpack_require__.d(__webpack_exports__, "isValidAttributeName", function() { return /* binding */ isValidAttributeName; });
// CONCATENATED MODULE: ./node_modules/@wordpress/escape-html/build-module/escape-greater.js
/**
* Returns a string with greater-than sign replaced.
*
* Note that if a resolution for Trac#45387 comes to fruition, it is no longer
* necessary for `__unstableEscapeGreaterThan` to exist.
*
* See: https://core.trac.wordpress.org/ticket/45387
*
* @param {string} value Original string.
*
* @return {string} Escaped string.
*/
function __unstableEscapeGreaterThan(value) {
return value.replace(/>/g, '>');
}
// CONCATENATED MODULE: ./node_modules/@wordpress/escape-html/build-module/index.js
/**
* Internal dependencies
*/
/**
* Regular expression matching invalid attribute names.
*
* "Attribute names must consist of one or more characters other than controls,
* U+0020 SPACE, U+0022 ("), U+0027 ('), U+003E (>), U+002F (/), U+003D (=),
* and noncharacters."
*
* @see https://html.spec.whatwg.org/multipage/syntax.html#attributes-2
*
* @type {RegExp}
*/
const REGEXP_INVALID_ATTRIBUTE_NAME = /[\u007F-\u009F "'>/="\uFDD0-\uFDEF]/;
/**
* Returns a string with ampersands escaped. Note that this is an imperfect
* implementation, where only ampersands which do not appear as a pattern of
* named, decimal, or hexadecimal character references are escaped. Invalid
* named references (i.e. ambiguous ampersand) are are still permitted.
*
* @see https://w3c.github.io/html/syntax.html#character-references
* @see https://w3c.github.io/html/syntax.html#ambiguous-ampersand
* @see https://w3c.github.io/html/syntax.html#named-character-references
*
* @param {string} value Original string.
*
* @return {string} Escaped string.
*/
function escapeAmpersand(value) {
return value.replace(/&(?!([a-z0-9]+|#[0-9]+|#x[a-f0-9]+);)/gi, '&');
}
/**
* Returns a string with quotation marks replaced.
*
* @param {string} value Original string.
*
* @return {string} Escaped string.
*/
function escapeQuotationMark(value) {
return value.replace(/"/g, '"');
}
/**
* Returns a string with less-than sign replaced.
*
* @param {string} value Original string.
*
* @return {string} Escaped string.
*/
function escapeLessThan(value) {
return value.replace(/</g, '<');
}
/**
* Returns an escaped attribute value.
*
* @see https://w3c.github.io/html/syntax.html#elements-attributes
*
* "[...] the text cannot contain an ambiguous ampersand [...] must not contain
* any literal U+0022 QUOTATION MARK characters (")"
*
* Note we also escape the greater than symbol, as this is used by wptexturize to
* split HTML strings. This is a WordPress specific fix
*
* Note that if a resolution for Trac#45387 comes to fruition, it is no longer
* necessary for `__unstableEscapeGreaterThan` to be used.
*
* See: https://core.trac.wordpress.org/ticket/45387
*
* @param {string} value Attribute value.
*
* @return {string} Escaped attribute value.
*/
function escapeAttribute(value) {
return __unstableEscapeGreaterThan(escapeQuotationMark(escapeAmpersand(value)));
}
/**
* Returns an escaped HTML element value.
*
* @see https://w3c.github.io/html/syntax.html#writing-html-documents-elements
*
* "the text must not contain the character U+003C LESS-THAN SIGN (<) or an
* ambiguous ampersand."
*
* @param {string} value Element value.
*
* @return {string} Escaped HTML element value.
*/
function escapeHTML(value) {
return escapeLessThan(escapeAmpersand(value));
}
/**
* Returns an escaped Editable HTML element value. This is different from
* `escapeHTML`, because for editable HTML, ALL ampersands must be escaped in
* order to render the content correctly on the page.
*
* @param {string} value Element value.
*
* @return {string} Escaped HTML element value.
*/
function escapeEditableHTML(value) {
return escapeLessThan(value.replace(/&/g, '&'));
}
/**
* Returns true if the given attribute name is valid, or false otherwise.
*
* @param {string} name Attribute name to test.
*
* @return {boolean} Whether attribute is valid.
*/
function isValidAttributeName(name) {
return !REGEXP_INVALID_ATTRIBUTE_NAME.test(name);
}
/***/ })
/******/ });