1 package org.apache.turbine.modules;
2
3 /* ====================================================================
4 * The Apache Software License, Version 1.1
5 *
6 * Copyright (c) 2001 The Apache Software Foundation. All rights
7 * reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 *
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
19 * distribution.
20 *
21 * 3. The end-user documentation included with the redistribution,
22 * if any, must include the following acknowledgment:
23 * "This product includes software developed by the
24 * Apache Software Foundation (http://www.apache.org/)."
25 * Alternately, this acknowledgment may appear in the software itself,
26 * if and wherever such third-party acknowledgments normally appear.
27 *
28 * 4. The names "Apache" and "Apache Software Foundation" and
29 * "Apache Turbine" must not be used to endorse or promote products
30 * derived from this software without prior written permission. For
31 * written permission, please contact apache@apache.org.
32 *
33 * 5. Products derived from this software may not be called "Apache",
34 * "Apache Turbine", nor may "Apache" appear in their name, without
35 * prior written permission of the Apache Software Foundation.
36 *
37 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
38 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
39 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
40 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
41 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
42 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
43 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
44 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
45 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
46 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
47 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
48 * SUCH DAMAGE.
49 * ====================================================================
50 *
51 * This software consists of voluntary contributions made by many
52 * individuals on behalf of the Apache Software Foundation. For more
53 * information on the Apache Software Foundation, please see
54 * <http://www.apache.org/>.
55 */
56
57 // Turbine Utility Classes
58 import org.apache.turbine.util.RunData;
59
60 // ECS Classe
61 import org.apache.ecs.ConcreteElement;
62 import org.apache.ecs.Entities;
63 import org.apache.ecs.filter.CharacterFilter;
64
65 /***
66 * This is an interface that defines the Screen modules.
67 *
68 * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
69 * @version $Id: Screen.java,v 1.1.1.1 2001/08/16 05:08:30 jvanzyl Exp $
70 */
71 public abstract class Screen extends Assembler
72 {
73 private static final CharacterFilter filter = htmlFilter();
74 private static final CharacterFilter minFilter = htmlMinFilter();
75
76 /***
77 * A subclass must override this method to build itself.
78 * Subclasses override this method to store the screen in RunData
79 * or to write the screen to the output stream referenced in
80 * RunData.
81 *
82 * @param data Turbine information.
83 * @exception Exception a generic exception.
84 */
85 protected abstract ConcreteElement doBuild( RunData data )
86 throws Exception;
87
88 /***
89 * Subclasses can override this method to add additional
90 * functionality. This method is protected to force clients to
91 * use ScreenLoader to build a Screen.
92 *
93 * @param data Turbine information.
94 * @exception Exception a generic exception.
95 */
96 protected ConcreteElement build( RunData data )
97 throws Exception
98 {
99 return doBuild( data );
100 }
101
102 /***
103 * If the Layout has not been defined by the Screen then set the
104 * layout to be "DefaultLayout". The Screen object can also
105 * override this method to provide intelligent determination of
106 * the Layout to execute. You can also define that logic here as
107 * well if you want it to apply on a global scale. For example,
108 * if you wanted to allow someone to define Layout "preferences"
109 * where they could dynamicially change the Layout for the entire
110 * site. The information for the request is passed in with the
111 * RunData object.
112 *
113 * @param data Turbine information.
114 * @return A String with the Layout.
115 */
116 public String getLayout(RunData data)
117 {
118 return data.getLayout();
119 }
120
121 /***
122 * Set the layout for a Screen.
123 *
124 * @param data Turbine information.
125 * @param layout The layout name.
126 */
127 public void setLayout( RunData data, String layout )
128 {
129 data.setLayout(layout);
130 }
131
132 /***
133 * This function can/should be used in any screen that will output
134 * User entered text. This will help prevent users from entering
135 * html (<SCRIPT>) tags that will get executed by the browser.
136 *
137 * @param s The string to prepare.
138 * @return A string with the input already prepared.
139 */
140 public static String prepareText(String s)
141 {
142 return filter.process(s);
143 }
144
145 /***
146 * This function can/should be used in any screen that will output
147 * User entered text. This will help prevent users from entering
148 * html (<SCRIPT>) tags that will get executed by the browser.
149 *
150 * @param s The string to prepare.
151 * @return A string with the input already prepared.
152 */
153 public static String prepareTextMinimum(String s)
154 {
155 return minFilter.process(s);
156 }
157
158 /***
159 * These attributes are supposed to be the default, but they are
160 * not, at least in ECS 1.2. Include them all just to be safe.
161 *
162 * @return A CharacterFilter to do HTML filtering.
163 */
164 private static CharacterFilter htmlFilter()
165 {
166 CharacterFilter filter = new CharacterFilter();
167 filter.addAttribute("\"", Entities.QUOT);
168 filter.addAttribute("'", Entities.LSQUO);
169 filter.addAttribute("&", Entities.AMP);
170 filter.addAttribute("<", Entities.LT);
171 filter.addAttribute(">", Entities.GT);
172 return filter;
173 }
174
175 /*
176 * We would like to filter user entered text that might be
177 * dynamically added, using javascript for example. But we do not
178 * want to filter all the above chars, so we will just disallow
179 * <.
180 *
181 * @return A CharacterFilter to do minimal HTML filtering.
182 */
183 private static CharacterFilter htmlMinFilter()
184 {
185 CharacterFilter filter = new CharacterFilter();
186 filter.removeAttribute(">");
187 filter.removeAttribute("\"");
188 filter.removeAttribute("'");
189 filter.removeAttribute("&");
190 filter.addAttribute("<", Entities.LT);
191 return filter;
192 }
193 }
This page was automatically generated by Maven