一、前言
基于directwebremoting包dwr-3.0.jar中的JavascriptUtil脚本工具类,对脚本常用黑名单过滤、特殊关键词斜杠转换场景互转escapeJavaScript/unescapeJavaScript等操作处理。
二、源码说明
package org.directwebremoting.util;@b@@b@import java.util.Arrays;@b@import java.util.Locale;@b@import java.util.SortedSet;@b@import java.util.TreeSet;@b@@b@public class JavascriptUtil@b@{@b@ private static final String[] RESERVED_ARRAY = { "as", "break", "case", "catch", "class", "const", "continue", "default", "delete", "do", "else", "export", "extends", "false", "finally", "for", "function", "if", "import", "in", "instanceof", "is", "namespace", "new", "null", "package", "private", "public", "return", "super", "switch", "this", "throw", "true", "try", "typeof", "use", "var", "void", "while", "with", "abstract", "debugger", "enum", "goto", "implements", "interface", "native", "protected", "synchronized", "throws", "transient", "volatile", "boolean", "byte", "char", "double", "final", "float", "int", "long", "short", "static" };@b@ private static SortedSet<String> reserved = new TreeSet();@b@@b@ public static String escapeJavaScript(String str)@b@ {@b@ if (str == null)@b@ {@b@ return null;@b@ }@b@@b@ StringBuffer writer = new StringBuffer(str.length() * 2);@b@@b@ int sz = str.length();@b@ for (int i = 0; i < sz; ++i)@b@ {@b@ char ch = str.charAt(i);@b@@b@ if (ch > 4095)@b@ {@b@ writer.append("\\u");@b@ writer.append(hex(ch));@b@ }@b@ else if (ch > 255)@b@ {@b@ writer.append("\\u0");@b@ writer.append(hex(ch));@b@ }@b@ else if (ch > '')@b@ {@b@ writer.append("\\u00");@b@ writer.append(hex(ch));@b@ } else {@b@ if (ch < ' ');@b@ switch (ch)@b@ {@b@ case '\b':@b@ writer.append('\\');@b@ writer.append('b');@b@ break;@b@ case '\n':@b@ writer.append('\\');@b@ writer.append('n');@b@ break;@b@ case '\t':@b@ writer.append('\\');@b@ writer.append('t');@b@ break;@b@ case '\f':@b@ writer.append('\\');@b@ writer.append('f');@b@ break;@b@ case '\r':@b@ writer.append('\\');@b@ writer.append('r');@b@ break;@b@ case '\11':@b@ default:@b@ if (ch > '\15')@b@ {@b@ writer.append("\\u00");@b@ writer.append(hex(ch));@b@ }@b@ else@b@ {@b@ writer.append("\\u000");@b@ writer.append(hex(ch));@b@@b@ break label394:@b@@b@ switch (ch)@b@ {@b@ case '\'':@b@ writer.append('\\');@b@ writer.append('\'');@b@ break;@b@ case '"':@b@ writer.append('\\');@b@ writer.append('"');@b@ break;@b@ case '\\':@b@ writer.append('\\');@b@ writer.append('\\');@b@ break;@b@ default:@b@ writer.append(ch);@b@ }@b@ }@b@ }@b@ }@b@ }@b@ label394: return writer.toString();@b@ }@b@@b@ private static String hex(char ch)@b@ {@b@ return Integer.toHexString(ch).toUpperCase(Locale.ENGLISH);@b@ }@b@@b@ public static String unescapeJavaScript(String str)@b@ {@b@ if (str == null)@b@ {@b@ return null;@b@ }@b@@b@ StringBuffer writer = new StringBuffer(str.length());@b@ int sz = str.length();@b@ StringBuffer unicode = new StringBuffer(4);@b@ boolean hadSlash = false;@b@ boolean inUnicode = false;@b@@b@ for (int i = 0; i < sz; ++i)@b@ {@b@ char ch = str.charAt(i);@b@ if (inUnicode)@b@ {@b@ unicode.append(ch);@b@ if (unicode.length() != 4) {@b@ break label356;@b@ }@b@@b@ try@b@ {@b@ int value = Integer.parseInt(unicode.toString(), 16);@b@ writer.append((char)value);@b@ unicode.setLength(0);@b@ inUnicode = false;@b@ hadSlash = false;@b@ }@b@ catch (NumberFormatException nfe)@b@ {@b@ throw new IllegalArgumentException("Unable to parse unicode value: " + unicode + " cause: " + nfe);@b@ }@b@@b@ }@b@@b@ if (hadSlash)@b@ {@b@ hadSlash = false; }@b@ switch (ch)@b@ {@b@ case '\\':@b@ writer.append('\\');@b@ break;@b@ case '\'':@b@ writer.append('\'');@b@ break;@b@ case '"':@b@ writer.append('"');@b@ break;@b@ case 'r':@b@ writer.append('\r');@b@ break;@b@ case 'f':@b@ writer.append('\f');@b@ break;@b@ case 't':@b@ writer.append('\t');@b@ break;@b@ case 'n':@b@ writer.append('\n');@b@ break;@b@ case 'b':@b@ writer.append('\b');@b@ break;@b@ case 'u':@b@ inUnicode = true;@b@ break;@b@ default:@b@ writer.append(ch);@b@ break label356:@b@@b@ if (ch == '\\')@b@ {@b@ hadSlash = true;@b@ }@b@ else@b@ writer.append(ch);@b@ }@b@ }@b@ if (hadSlash)@b@ {@b@ label356: writer.append('\\');@b@ }@b@@b@ return writer.toString();@b@ }@b@@b@ public static boolean isReservedWord(String name)@b@ {@b@ return reserved.contains(name);@b@ }@b@@b@ static@b@ {@b@ reserved.addAll(Arrays.asList(RESERVED_ARRAY));@b@ }@b@}