46 escapeLessThan: () => (/* binding */ escapeLessThan), |
46 escapeLessThan: () => (/* binding */ escapeLessThan), |
47 escapeQuotationMark: () => (/* binding */ escapeQuotationMark), |
47 escapeQuotationMark: () => (/* binding */ escapeQuotationMark), |
48 isValidAttributeName: () => (/* binding */ isValidAttributeName) |
48 isValidAttributeName: () => (/* binding */ isValidAttributeName) |
49 }); |
49 }); |
50 |
50 |
51 ;// CONCATENATED MODULE: ./node_modules/@wordpress/escape-html/build-module/escape-greater.js |
51 ;// ./node_modules/@wordpress/escape-html/build-module/escape-greater.js |
52 /** |
52 /** |
53 * Returns a string with greater-than sign replaced. |
53 * Returns a string with greater-than sign replaced. |
54 * |
54 * |
55 * Note that if a resolution for Trac#45387 comes to fruition, it is no longer |
55 * Note that if a resolution for Trac#45387 comes to fruition, it is no longer |
56 * necessary for `__unstableEscapeGreaterThan` to exist. |
56 * necessary for `__unstableEscapeGreaterThan` to exist. |
57 * |
57 * |
58 * See: https://core.trac.wordpress.org/ticket/45387 |
58 * See: https://core.trac.wordpress.org/ticket/45387 |
59 * |
59 * |
60 * @param {string} value Original string. |
60 * @param value Original string. |
61 * |
61 * |
62 * @return {string} Escaped string. |
62 * @return Escaped string. |
63 */ |
63 */ |
64 function __unstableEscapeGreaterThan(value) { |
64 function __unstableEscapeGreaterThan(value) { |
65 return value.replace(/>/g, '>'); |
65 return value.replace(/>/g, '>'); |
66 } |
66 } |
67 |
67 |
68 ;// CONCATENATED MODULE: ./node_modules/@wordpress/escape-html/build-module/index.js |
68 ;// ./node_modules/@wordpress/escape-html/build-module/index.js |
69 /** |
69 /** |
70 * Internal dependencies |
70 * Internal dependencies |
71 */ |
71 */ |
72 |
72 |
73 |
73 |
77 * "Attribute names must consist of one or more characters other than controls, |
77 * "Attribute names must consist of one or more characters other than controls, |
78 * U+0020 SPACE, U+0022 ("), U+0027 ('), U+003E (>), U+002F (/), U+003D (=), |
78 * U+0020 SPACE, U+0022 ("), U+0027 ('), U+003E (>), U+002F (/), U+003D (=), |
79 * and noncharacters." |
79 * and noncharacters." |
80 * |
80 * |
81 * @see https://html.spec.whatwg.org/multipage/syntax.html#attributes-2 |
81 * @see https://html.spec.whatwg.org/multipage/syntax.html#attributes-2 |
82 * |
|
83 * @type {RegExp} |
|
84 */ |
82 */ |
85 const REGEXP_INVALID_ATTRIBUTE_NAME = /[\u007F-\u009F "'>/="\uFDD0-\uFDEF]/; |
83 const REGEXP_INVALID_ATTRIBUTE_NAME = /[\u007F-\u009F "'>/="\uFDD0-\uFDEF]/; |
86 |
84 |
87 /** |
85 /** |
88 * Returns a string with ampersands escaped. Note that this is an imperfect |
86 * Returns a string with ampersands escaped. Note that this is an imperfect |
92 * |
90 * |
93 * @see https://w3c.github.io/html/syntax.html#character-references |
91 * @see https://w3c.github.io/html/syntax.html#character-references |
94 * @see https://w3c.github.io/html/syntax.html#ambiguous-ampersand |
92 * @see https://w3c.github.io/html/syntax.html#ambiguous-ampersand |
95 * @see https://w3c.github.io/html/syntax.html#named-character-references |
93 * @see https://w3c.github.io/html/syntax.html#named-character-references |
96 * |
94 * |
97 * @param {string} value Original string. |
95 * @param value Original string. |
98 * |
96 * |
99 * @return {string} Escaped string. |
97 * @return Escaped string. |
100 */ |
98 */ |
101 function escapeAmpersand(value) { |
99 function escapeAmpersand(value) { |
102 return value.replace(/&(?!([a-z0-9]+|#[0-9]+|#x[a-f0-9]+);)/gi, '&'); |
100 return value.replace(/&(?!([a-z0-9]+|#[0-9]+|#x[a-f0-9]+);)/gi, '&'); |
103 } |
101 } |
104 |
102 |
105 /** |
103 /** |
106 * Returns a string with quotation marks replaced. |
104 * Returns a string with quotation marks replaced. |
107 * |
105 * |
108 * @param {string} value Original string. |
106 * @param value Original string. |
109 * |
107 * |
110 * @return {string} Escaped string. |
108 * @return Escaped string. |
111 */ |
109 */ |
112 function escapeQuotationMark(value) { |
110 function escapeQuotationMark(value) { |
113 return value.replace(/"/g, '"'); |
111 return value.replace(/"/g, '"'); |
114 } |
112 } |
115 |
113 |
116 /** |
114 /** |
117 * Returns a string with less-than sign replaced. |
115 * Returns a string with less-than sign replaced. |
118 * |
116 * |
119 * @param {string} value Original string. |
117 * @param value Original string. |
120 * |
118 * |
121 * @return {string} Escaped string. |
119 * @return Escaped string. |
122 */ |
120 */ |
123 function escapeLessThan(value) { |
121 function escapeLessThan(value) { |
124 return value.replace(/</g, '<'); |
122 return value.replace(/</g, '<'); |
125 } |
123 } |
126 |
124 |
138 * Note that if a resolution for Trac#45387 comes to fruition, it is no longer |
136 * Note that if a resolution for Trac#45387 comes to fruition, it is no longer |
139 * necessary for `__unstableEscapeGreaterThan` to be used. |
137 * necessary for `__unstableEscapeGreaterThan` to be used. |
140 * |
138 * |
141 * See: https://core.trac.wordpress.org/ticket/45387 |
139 * See: https://core.trac.wordpress.org/ticket/45387 |
142 * |
140 * |
143 * @param {string} value Attribute value. |
141 * @param value Attribute value. |
144 * |
142 * |
145 * @return {string} Escaped attribute value. |
143 * @return Escaped attribute value. |
146 */ |
144 */ |
147 function escapeAttribute(value) { |
145 function escapeAttribute(value) { |
148 return __unstableEscapeGreaterThan(escapeQuotationMark(escapeAmpersand(value))); |
146 return __unstableEscapeGreaterThan(escapeQuotationMark(escapeAmpersand(value))); |
149 } |
147 } |
150 |
148 |
154 * @see https://w3c.github.io/html/syntax.html#writing-html-documents-elements |
152 * @see https://w3c.github.io/html/syntax.html#writing-html-documents-elements |
155 * |
153 * |
156 * "the text must not contain the character U+003C LESS-THAN SIGN (<) or an |
154 * "the text must not contain the character U+003C LESS-THAN SIGN (<) or an |
157 * ambiguous ampersand." |
155 * ambiguous ampersand." |
158 * |
156 * |
159 * @param {string} value Element value. |
157 * @param value Element value. |
160 * |
158 * |
161 * @return {string} Escaped HTML element value. |
159 * @return Escaped HTML element value. |
162 */ |
160 */ |
163 function escapeHTML(value) { |
161 function escapeHTML(value) { |
164 return escapeLessThan(escapeAmpersand(value)); |
162 return escapeLessThan(escapeAmpersand(value)); |
165 } |
163 } |
166 |
164 |
167 /** |
165 /** |
168 * Returns an escaped Editable HTML element value. This is different from |
166 * Returns an escaped Editable HTML element value. This is different from |
169 * `escapeHTML`, because for editable HTML, ALL ampersands must be escaped in |
167 * `escapeHTML`, because for editable HTML, ALL ampersands must be escaped in |
170 * order to render the content correctly on the page. |
168 * order to render the content correctly on the page. |
171 * |
169 * |
172 * @param {string} value Element value. |
170 * @param value Element value. |
173 * |
171 * |
174 * @return {string} Escaped HTML element value. |
172 * @return Escaped HTML element value. |
175 */ |
173 */ |
176 function escapeEditableHTML(value) { |
174 function escapeEditableHTML(value) { |
177 return escapeLessThan(value.replace(/&/g, '&')); |
175 return escapeLessThan(value.replace(/&/g, '&')); |
178 } |
176 } |
179 |
177 |
180 /** |
178 /** |
181 * Returns true if the given attribute name is valid, or false otherwise. |
179 * Returns true if the given attribute name is valid, or false otherwise. |
182 * |
180 * |
183 * @param {string} name Attribute name to test. |
181 * @param name Attribute name to test. |
184 * |
182 * |
185 * @return {boolean} Whether attribute is valid. |
183 * @return Whether attribute is valid. |
186 */ |
184 */ |
187 function isValidAttributeName(name) { |
185 function isValidAttributeName(name) { |
188 return !REGEXP_INVALID_ATTRIBUTE_NAME.test(name); |
186 return !REGEXP_INVALID_ATTRIBUTE_NAME.test(name); |
189 } |
187 } |
190 |
188 |