Moved common xml escaping code from xml.js, html.js to common.js.

1 files changed, 35 insertions, 1 deletions

diff --git a/js/lib/common.js b/js/lib/common.js
index 0104e68..8ba70a8 100644
--- a/js/lib/common.js
+++ b/js/lib/common.js
@@ -8,6 +8,12 @@ var ESCAPABLE = '[!"#$%&\'()*+,./:;<=>?@[\\\\\\]^_`{|}~-]';
 
 var reEntityOrEscapedChar = new RegExp('\\\\' + ESCAPABLE + '|' + ENTITY, 'gi');
 
+var XMLSPECIAL = '[&<>"]';
+
+var reXmlSpecial = new RegExp(XMLSPECIAL, 'g');
+
+var reXmlSpecialOrEntity = new RegExp(ENTITY + '|' + XMLSPECIAL, 'gi');
+
 var unescapeChar = function(s) {
     "use strict";
     if (s[0] === '\\') {
@@ -32,6 +38,34 @@ var normalizeURI = function(uri) {
     return encodeURI(unescape(uri));
 }
 
+var replaceUnsafeChar = function(s) {
+    switch (s) {
+    case '&':
+        return '&amp;';
+    case '<':
+        return '&lt;';
+    case '>':
+        return '&gt;';
+    case '"':
+        return '&quot;';
+    default:
+        return s;
+    }
+};
+
+var escapeXml = function(s, preserve_entities) {
+    if (reXmlSpecial.test(s)) {
+        if (preserve_entities) {
+            return s.replace(reXmlSpecialOrEntity, replaceUnsafeChar);
+        } else {
+            return s.replace(reXmlSpecial, replaceUnsafeChar);
+        }
+    } else {
+        return s;
+    }
+};
+
 module.exports = { unescapeString: unescapeString,
-                   normalizeURI: normalizeURI
+                   normalizeURI: normalizeURI,
+                   escapeXml: escapeXml,
                  };