Html Entity Encoding (convert '<' To '<') On Iphone In Objective-c
I'm developing an application for the iPhone that has inApp-mail sending capabilities. So far so good, but now I want to avoid html-injections as some parts of the mail are user-ge
Solution 1:
Check out my NSString category for HTML. Here are the methods available:
- (NSString *)stringByConvertingHTMLToPlainText;- (NSString *)stringByDecodingHTMLEntities;- (NSString *)stringByEncodingHTMLEntities;- (NSString *)stringWithNewLinesAsBRs;- (NSString *)stringByRemovingNewLinesAndWhitespace;Solution 2:
Thanks @all. I ended up using my own implementation:
//
// _________________________________________
//
// textToHtml
// _________________________________________
//
- (NSString*)textToHtml:(NSString*)htmlString {
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"&" withString:@"&"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"<" withString:@"<"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@">" withString:@">"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"""" withString:@"""];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"'" withString:@"'"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"\n" withString:@"<br>"];
return htmlString;
}
Solution 3:
A little improvement on @Markus' code [Change <br /> to <p></p>, escape multiple spaces]
- (NSString*)textToHtml:(NSString*)htmlString {
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"&" withString:@"&"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"<" withString:@"<"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@">" withString:@">"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"""" withString:@"""];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"'" withString:@"'"];
htmlString = [@"<p>" stringByAppendingString:htmlString];
htmlString = [htmlString stringByAppendingString:@"</p>"];
htmlString = [htmlString stringByReplacingOccurrencesOfString:@"\n" withString:@"</p><p>"];
// htmlString = [htmlString stringByReplacingOccurrencesOfString:@"\n" withString:@"<br />"];while ([htmlString rangeOfString:@" "].length > 0) {
htmlString = [htmlString stringByReplacingOccurrencesOfString:@" " withString:@" "];
}
return htmlString;
}
Solution 4:
I have been looking for a similar solution and this did the job for me
NSString* value = @"<&>";
constvoid* keys[1] = {CFSTR("somekey")};
constvoid* values[1] = {value};
CFDictionaryRef dicRef = CFDictionaryCreate(kCFAllocatorDefault, keys, values, 1, nil, nil);
CFDataRef dataRef = CFPropertyListCreateData(kCFAllocatorDefault, dicRef, kCFPropertyListXMLFormat_v1_0, 0, NULL);
NSString *str = [[NSString alloc]initWithData:(NSData *)dataRef encoding:NSUTF8StringEncoding];
NSRange start =[str rangeOfString:@"string>"];
NSRange end =[str rangeOfString:@"</string"];
NSString *substr = [str substringWithRange:NSMakeRange(start.location+start.length, end.location-(start.location+start.length))];
[str release];
CFRelease(dicRef);
CFRelease(dataRef);
//Substring is now html entity encoded
I am using some of the features that is used when saving plist files. I hope this helps.
Solution 5:
I'm expanding @Markus answer, because my case is i'm sending JSON string, so i need to added some escape, these are my function :
note : the exception reference from w3schools. https://www.w3schools.com/tags/ref_urlencode.asp
- (NSString*)convertStringToHTMLEscape:(NSString*)stringContent
{
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"{" withString:@"%7B"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"}" withString:@"%7D"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"[" withString:@"%5B"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"]" withString:@"%5D"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@" " withString:@"%20"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"\"" withString:@"%22"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"\\" withString:@"%5C"];
stringContent = [stringContent stringByReplacingOccurrencesOfString:@"/" withString:@"%2F"];
return stringContent;
}
Post a Comment for "Html Entity Encoding (convert '<' To '<') On Iphone In Objective-c"