© 2009 Google - Privacy Policy - Terms and Conditions - About Google
| Package | Description |
|---|---|
| com.google.template.soy.shared.restricted |
| Modifier and Type | Class and Description |
|---|---|
static class |
EscapingConventions.EscapeCssString
Implements the
|escapeCssString directive which allows arbitrary content to be
included in a CSS quoted string or identifier. |
static class |
EscapingConventions.EscapeHtml
Implements the
|escapeHtml directive. |
static class |
EscapingConventions.EscapeHtmlNospace
Implements the
|escapeHtmlNoSpace directive which allows arbitrary content
to be included in the value of an unquoted HTML attribute. |
static class |
EscapingConventions.EscapeJsRegex
Implements the
|escapeJsRegex directive which allows arbitrary content
to be included inside a JavaScript regular expression. |
static class |
EscapingConventions.EscapeJsString
Implements the
|escapeJsString directive which allows arbitrary content
to be included inside a quoted JavaScript string. |
static class |
EscapingConventions.EscapeUri
Implements the
|escapeUri directive which allows arbitrary content to be included in a
URI regardless of the string delimiters of the the surrounding language. |
static class |
EscapingConventions.FilterCssValue
Implements the
|filterCssValue directive which filters out strings that are not valid
CSS property names, keyword values, quantities, hex colors, or ID or class literals. |
static class |
EscapingConventions.FilterHtmlAttributes
Implements the
|filterHtmlAttributes directive which filters out identifiers that
can't appear as part of an HTML tag or attribute name. |
static class |
EscapingConventions.FilterHtmlElementName
Implements the
|filterHtmlElementName directive which filters out identifiers that
can't appear as part of an HTML tag or attribute name. |
static class |
EscapingConventions.FilterImageDataUri
Accepts only data URI's that contain an image.
|
static class |
EscapingConventions.FilterNormalizeMediaUri
Like
EscapingConventions.FilterNormalizeUri, but also accepts data: and blob: URIs, since
image sources don't execute script in the same origin as the page (although image handling
0-days are available from time to time, but a templating language can't realistically try to
protect against such a thing). |
static class |
EscapingConventions.FilterNormalizeUri
Like
EscapingConventions.NormalizeUri but filters out dangerous protocols. |
static class |
EscapingConventions.NormalizeHtml
A directive that encodes any HTML special characters that can appear in RCDATA unescaped but
that can be escaped without changing semantics.
|
static class |
EscapingConventions.NormalizeHtmlNospace
A directive that encodes any HTML special characters and unquoted attribute terminators that
can appear in RCDATA unescaped but that can be escaped without changing semantics.
|
static class |
EscapingConventions.NormalizeUri
Implements the
|normalizeUri directive which allows arbitrary content to be included
in a URI regardless of the string delimiters of the the surrounding language. |
| Modifier and Type | Method and Description |
|---|---|
static Iterable<EscapingConventions.CrossLanguageStringXform> |
EscapingConventions.getAllEscapers()
An accessor for all string transforms defined above.
|
© 2009 Google - Privacy Policy - Terms and Conditions - About Google