在 iPhone 上使用 Objective-c 进行 HTML 实体编码(将“<”转换为“<”)
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1666717/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
HTML entity encoding (convert '<' to '<') on iPhone in objective-c
提问by Markus
I'm developing an application for the iPhone that has inApp-mail sending capabilities. So far so good, but now I want to avoid html-injections as some parts of the mail are user-generated texts.
我正在为具有 inApp-mail 发送功能的 iPhone 开发应用程序。到目前为止一切顺利,但现在我想避免 html 注入,因为邮件的某些部分是用户生成的文本。
Basically I search for something like this:
基本上我搜索这样的东西:
// inits
NSString *sourceString = [NSString stringWithString:@"Hello world! Grü?e dich Welt <-- This is in German."];
// ----- THAT'S WHAT I'M LOOKING FOR
// pseudo-code |
// V
NSString *htmlEncodedString = [sourceString htmlEncode];
// log
NSLog(@"source string: %@", sourceString);
NSLog(@"encoded string: %@", htmlEncodedString);
Expected outputsource string: Hello world! Grü?e dich Welt <-- This is in German.encoded string: Hello world! Grüße dich Welt <-- This is in German.
I already googled and looked through several of SO's questions and answers, but all of them seem to be related to URL-encodingand that's not what I really need (I tried stringByAddingPercentEscapesUsingEncodingwith no luck - it creates %C3%BC out of an 'ü' that should be an ü).
预期的输出source string: Hello world! Grü?e dich Welt <-- This is in German.encoded string: Hello world! Grüße dich Welt <-- This is in German.
我已经用谷歌搜索并查看了几个 SO 的问题和答案,但所有这些似乎都与URL 编码有关,这不是我真正需要的(我尝试stringByAddingPercentEscapesUsingEncoding没有运气 - 它创建了 %C3%BC 'ü' 应该是 ü)。
A code sample would be really great (correcting mine?)...
代码示例真的很棒(纠正我的?)...
--
Thanks in advance,
Markus
--
提前致谢,
马库斯
回答by Michael Waterfall
Check out my NSString category for HTML. Here are the methods available:
查看我的NSString 类别以获取 HTML。以下是可用的方法:
- (NSString *)stringByConvertingHTMLToPlainText;
- (NSString *)stringByDecodingHTMLEntities;
- (NSString *)stringByEncodingHTMLEntities;
- (NSString *)stringWithNewLinesAsBRs;
- (NSString *)stringByRemovingNewLinesAndWhitespace;
回答by Markus
Thanks @all. I ended up using my own implementation:
谢谢@all。我最终使用了我自己的实现:
//
// _________________________________________
//
// textToHtml
// _________________________________________
//
- (NSString*)textToHtml:(NSString*)htmlString {
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"&" withString:@"&"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"<" withString:@"<"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@">" withString:@">"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"""" withString:@"""];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"'" withString:@"'"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"\n" withString:@"<br>"];
return htmlString;
}
回答by Soul Clinic
A little improvement on @Markus' code [Change <br /> to <p></p>, escape multiple spaces]
对@Markus 代码的一点改进 [将 <br /> 改为 <p></p>,转义多个空格]
- (NSString*)textToHtml:(NSString*)htmlString {
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"&" withString:@"&"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"<" withString:@"<"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@">" withString:@">"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"""" withString:@"""];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"'" withString:@"'"];
htmlString = [@"<p>" stringByAppendingString:htmlString];
htmlString = [htmlString stringByAppendingString:@"</p>"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"\n" withString:@"</p><p>"];
// htmlString = [htmlString stringByReplacingOccurrencesOfString:@"\n" withString:@"<br />"];
while ([htmlString rangeOfString:@" "].length > 0) {
htmlString = [htmlString stringByReplacingOccurrencesOfString:@" " withString:@" "];
}
return htmlString;
}
回答by Bhimbim
I'm expanding @Markus answer, because my case is i'm sending JSON string, so i need to added some escape, these are my function :
我正在扩展@Markus 答案,因为我的情况是我正在发送 JSON 字符串,所以我需要添加一些转义,这些是我的功能:
note : the exception reference from w3schools. https://www.w3schools.com/tags/ref_urlencode.asp
注意:来自 w3schools 的异常引用。https://www.w3schools.com/tags/ref_urlencode.asp
- (NSString*)convertStringToHTMLEscape:(NSString*)stringContent
{
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"{" withString:@"%7B"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"}" withString:@"%7D"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"[" withString:@"%5B"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"]" withString:@"%5D"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@" " withString:@"%20"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"\"" withString:@"%22"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"\" withString:@"%5C"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"/" withString:@"%2F"];
return stringContent;
}
回答by MJensen
I have been looking for a similar solution and this did the job for me
我一直在寻找类似的解决方案,这对我有用
NSString* value = @"<&>";
const void* keys[1] = {CFSTR("somekey")};
const void* values[1] = {value};
CFDictionaryRef dicRef = CFDictionaryCreate(kCFAllocatorDefault, keys, values, 1, nil, nil);
CFDataRef dataRef = CFPropertyListCreateData(kCFAllocatorDefault, dicRef, kCFPropertyListXMLFormat_v1_0, 0, NULL);
NSString *str = [[NSString alloc]initWithData:(NSData *)dataRef encoding:NSUTF8StringEncoding];
NSRange start =[str rangeOfString:@"string>"];
NSRange end =[str rangeOfString:@"</string"];
NSString *substr = [str substringWithRange:NSMakeRange(start.location+start.length, end.location-(start.location+start.length))];
[str release];
CFRelease(dicRef);
CFRelease(dataRef);
//Substring is now html entity encoded
//子字符串现在是html实体编码
I am using some of the features that is used when saving plist files. I hope this helps.
我正在使用保存 plist 文件时使用的一些功能。我希望这有帮助。
回答by teabot
Assuming the character encoding of the email supports Unicode - say UTF-8 - could you not just find and replace the occurrences of <, >, and &with <, >, and &?
假设电子邮件支持Unicode字符编码-比如UTF-8 -你能不能只查找和替换的发生<,>以及&有<,>和&?
