[英]HTML entity encoding (convert '<' to '<') on iPhone in objective-c
I'm developing an application for the iPhone that has inApp-mail sending capabilities. 我正在开发一个具有inApp-mail发送功能的iPhone应用程序。 So far so good, but now I want to avoid html-injections as some parts of the mail are user-generated texts.
到目前为止一直很好,但现在我想避免html注入,因为邮件的某些部分是用户生成的文本。
Basically I search for something like this: 基本上我搜索这样的东西:
// inits
NSString *sourceString = [NSString stringWithString:@"Hello world! Grüße dich Welt <-- This is in German."];
// ----- THAT'S WHAT I'M LOOKING FOR
// pseudo-code |
// V
NSString *htmlEncodedString = [sourceString htmlEncode];
// log
NSLog(@"source string: %@", sourceString);
NSLog(@"encoded string: %@", htmlEncodedString);
Expected output 预期产出
source string: Hello world! Grüße dich Welt <-- This is in German.
encoded string: Hello world! Grüße dich Welt <-- This is in German.
I already googled and looked through several of SO's questions and answers, but all of them seem to be related to URL-encoding and that's not what I really need (I tried stringByAddingPercentEscapesUsingEncoding
with no luck - it creates %C3%BC out of an 'ü' that should be an ü). 我已经用
stringByAddingPercentEscapesUsingEncoding
搜索并查看了SO的几个问题和答案,但所有这些似乎与URL编码有关,而这并不是我真正需要的(我尝试了stringByAddingPercentEscapesUsingEncoding
没有运气 - 它创造了%C3%BC' ü'应该是ü)。
A code sample would be really great (correcting mine?)... 一个代码示例真的很棒(纠正我的?)......
-- -
Thanks in advance, 提前致谢,
Markus 马库斯
Check out my NSString category for HTML . 查看我的NSString类别的HTML 。 Here are the methods available:
以下是可用的方法:
- (NSString *)stringByConvertingHTMLToPlainText;
- (NSString *)stringByDecodingHTMLEntities;
- (NSString *)stringByEncodingHTMLEntities;
- (NSString *)stringWithNewLinesAsBRs;
- (NSString *)stringByRemovingNewLinesAndWhitespace;
Thanks @all. 谢谢@all。 I ended up using my own implementation:
我最终使用了自己的实现:
//
// _________________________________________
//
// textToHtml
// _________________________________________
//
- (NSString*)textToHtml:(NSString*)htmlString {
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"&" withString:@"&"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"<" withString:@"<"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@">" withString:@">"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"""" withString:@"""];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"'" withString:@"'"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"\n" withString:@"<br>"];
return htmlString;
}
A little improvement on @Markus' code [Change <br /> to <p></p>, escape multiple spaces] 关于@Markus代码的一点改进[更改<br />到<p> </ p>,转义多个空格]
- (NSString*)textToHtml:(NSString*)htmlString {
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"&" withString:@"&"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"<" withString:@"<"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@">" withString:@">"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"""" withString:@"""];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"'" withString:@"'"];
htmlString = [@"<p>" stringByAppendingString:htmlString];
htmlString = [htmlString stringByAppendingString:@"</p>"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"\n" withString:@"</p><p>"];
// htmlString = [htmlString stringByReplacingOccurrencesOfString:@"\n" withString:@"<br />"];
while ([htmlString rangeOfString:@" "].length > 0) {
htmlString = [htmlString stringByReplacingOccurrencesOfString:@" " withString:@" "];
}
return htmlString;
}
I'm expanding @Markus answer, because my case is i'm sending JSON string, so i need to added some escape, these are my function : 我正在扩展@Markus的答案,因为我的情况是我正在发送JSON字符串,所以我需要添加一些转义,这些是我的函数:
note : the exception reference from w3schools. 注意:来自w3schools的例外参考。 https://www.w3schools.com/tags/ref_urlencode.asp
https://www.w3schools.com/tags/ref_urlencode.asp
- (NSString*)convertStringToHTMLEscape:(NSString*)stringContent
{
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"{" withString:@"%7B"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"}" withString:@"%7D"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"[" withString:@"%5B"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"]" withString:@"%5D"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@" " withString:@"%20"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"\"" withString:@"%22"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"\\" withString:@"%5C"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"/" withString:@"%2F"];
return stringContent;
}
I have been looking for a similar solution and this did the job for me 我一直在寻找类似的解决方案,这对我来说很有帮助
NSString* value = @"<&>";
const void* keys[1] = {CFSTR("somekey")};
const void* values[1] = {value};
CFDictionaryRef dicRef = CFDictionaryCreate(kCFAllocatorDefault, keys, values, 1, nil, nil);
CFDataRef dataRef = CFPropertyListCreateData(kCFAllocatorDefault, dicRef, kCFPropertyListXMLFormat_v1_0, 0, NULL);
NSString *str = [[NSString alloc]initWithData:(NSData *)dataRef encoding:NSUTF8StringEncoding];
NSRange start =[str rangeOfString:@"string>"];
NSRange end =[str rangeOfString:@"</string"];
NSString *substr = [str substringWithRange:NSMakeRange(start.location+start.length, end.location-(start.location+start.length))];
[str release];
CFRelease(dicRef);
CFRelease(dataRef);
//Substring is now html entity encoded //子串现在是html实体编码的
I am using some of the features that is used when saving plist files. 我正在使用保存plist文件时使用的一些功能。 I hope this helps.
我希望这有帮助。
Assuming the character encoding of the email supports Unicode - say UTF-8 - could you not just find and replace the occurrences of <
, >
, and &
with <
, >
, and &
假设电子邮件的字符编码支持Unicode - 比如说UTF-8 - 您不仅可以找到并替换
<
, >
和&
与<
, >
和&
? ?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.