// *********************************************************** // * // * IOSec OutputEncoder // * // *********************************************************** //'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' // Changes //'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' // 07-14-08: v-shmao: Add code from defualt page. // 06-09-06: hassank: Corrected URL REGEX // 04-07-04: talhahm: Added checks for null inputs // 07-24-03: eddington: Quick port to ASP Javascript // 03-26-03: v-michae: Initial revision based on ASP classic // 03-28-03: v-michae: Initial testing of functions done. // 06-01-03: erach: AsUrl temporarily stubbed out for // 0.9 release // 10-29-03: erach: AsUrl implemented introduced //'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' // IMPORTANT - don't forget to use double \ chars when setting the RegEx pattern in JavaScript, because // the JavaScript interpreter wants to escape chars that are prefixed by a single \ var RE_AsUrl = "^(ht|f)tp(s?)\:\/\/[0-9a-zA-Z]([-.\w]*[0-9a-zA-Z])*(:(0-9)*)*(\/?)([a-zA-Z0-9\-\.\?\,\'\/\\\+=&%\$#_]*)?$"; var RE_QualifyUrl = "^(?:http|https|ftp)://"; // fully-qualified urls will match this pattern var RE_StartsWithSlash = "^[\\/\\\\]"; function OutputEncoder_EncodeHtml( strInput ) { var c; var EncodeHtml = ''; if (strInput == null) { return ''; } for(var cnt = 0; cnt < strInput.length; cnt++) { c = strInput.charCodeAt(cnt); if (( ( c > 96 ) && ( c < 123 ) ) || ( ( c > 64 ) && ( c < 91 ) ) || ( c == 32 ) || ( ( c > 47 ) && ( c < 58 ) ) || ( c == 46 ) || ( c == 44 ) || ( c == 45 ) || ( c == 95 )) { EncodeHtml = EncodeHtml + String.fromCharCode(c); } else { EncodeHtml = EncodeHtml + '&#' + c + ';'; } } return EncodeHtml; } function OutputEncoder_EncodeHtmlAttribute( strInput ) { var c; var EncodeHtmlAttribute = ''; if (strInput == null) { return ''; } for(var cnt = 0; cnt < strInput.length; cnt++) { c = strInput.charCodeAt(cnt); if (( ( c > 96 ) && ( c < 123 ) ) || ( ( c > 64 ) && ( c < 91 ) ) || ( ( c > 47 ) && ( c < 58 ) ) || ( c == 46 ) || ( c == 44 ) || ( c == 45 ) || ( c == 95 )) { EncodeHtmlAttribute = EncodeHtmlAttribute + String.fromCharCode(c); } else { EncodeHtmlAttribute = EncodeHtmlAttribute + '&#' + c + ';'; } } return EncodeHtmlAttribute; } function OutputEncoder_EncodeXml( strInput ) { // OutputEncoder_EncodeHtml will handle null string return OutputEncoder_EncodeHtml( strInput ); } function OutputEncoder_EncodeXmlAttribute( strInput ) { // OutputEncoder_EncodeHtmlAttribute will handle null string return OutputEncoder_EncodeHtmlAttribute( strInput ); } function OutputEncoder_EncodeJs( strInput ) { var c; var EncodeJs = ''; if (strInput == null) { return ''; } for(var cnt = 0; cnt < strInput.length; cnt++) { c = strInput.charCodeAt(cnt); if (( ( c > 96 ) && ( c < 123 ) ) || ( ( c > 64 ) && ( c < 91 ) ) || ( c == 32 ) || ( ( c > 47 ) && ( c < 58 ) ) || ( c == 46 ) || ( c == 44 ) || ( c == 45 ) || ( c == 95 )) { EncodeJs = EncodeJs + String.fromCharCode(c); } else if ( c > 127 ) { EncodeJs = EncodeJs + '\\u' + OutputEncoder_TwoByteHex(c); } else { EncodeJs = EncodeJs + '\\x' + OutputEncoder_SingleByteHex(c); } } return '\'' + EncodeJs + '\''; } function OutputEncoder_EncodeVbs( strInput ) { var c; var EncodeVbs = ''; var bInQuotes = false; if (strInput == null) { return ''; } for(var cnt = 0; cnt < strInput.length; cnt++) { c = strInput.charCodeAt(cnt); if (( ( c > 96 ) && ( c < 123 ) ) || ( ( c > 64 ) && ( c < 91 ) ) || ( c == 32 ) || ( ( c > 47 ) && ( c < 58 ) ) || ( c == 46 ) || ( c == 44 ) || ( c == 45 ) || ( c == 95 )) { // do the "unencoded" ones if ( !bInQuotes ) { EncodeVbs = EncodeVbs + '&\"'; bInQuotes = true; } EncodeVbs = EncodeVbs + String.fromCharCode(c); } else { // do the "encoded" ones if ( bInQuotes ) { EncodeVbs = EncodeVbs + '\"'; bInQuotes = false; } EncodeVbs = EncodeVbs + '&chrw(' + c + ')'; } } if ( EncodeVbs.charAt(0) == '&' ) { // Remove starting '&' EncodeVbs = EncodeVbs.substring(1); } if ( EncodeVbs.length == 0 ) { // if null, add quotes EncodeVbs = '\"\"'; } if ( bInQuotes ) { // but if we're in quotes, then close them EncodeVbs = EncodeVbs + '\"'; } return EncodeVbs; } function OutputEncoder_AsUrl( strInput ) { if (strInput == null) { return ''; } if (strInput.match( RE_AsUrl ) == null) { throw ("Unsanitized value passed to AsUrl"); } return strInput; } function OutputEncoder_QualifyUrl( strInput ) { var strOutput; if (strInput == null) { return ''; } // if strInput is already a valid URL, then just return it if ( strInput.match( RE_QualifyUrl ) ) { return( strInput ); } else // input was not a fully qualified URL and needs to be processed { // first we put together the service & host name for the output if ( Request.ServerVariables("HTTPS") == "on" ) { strOutput = "https://" + Request.ServerVariables("HTTP_HOST"); } else { strOutput = "http://" + Request.ServerVariables("HTTP_HOST"); } // now we check to see if strInput is a relative or absolute URL if ( strInput.match( RE_StartsWithSlash ) ) { strOutput = strOutput + strInput; return( strOutput ); } else { strOutput = strOutput + Request.ServerVariables("PATH_INFO"); strOutput = strOutput.substring(0, strOutput.lastIndexOf( "/" ) +1 ); strOutput = strOutput + strInput; return( strOutput ); } } } function OutputEncoder_AsNumeric( strInput ) { if (strInput == null) { return ''; } if( isNaN(parseFloat(strInput)) ) { // Error out! throw "IOSec.AsNumeric(): Error input ["+strInput+"] not a valid number."; } return strInput; } function OutputEncoder_EncodeUrl( strInput ) { var c; var EncodeUrl = ''; if (strInput == null) { return ''; } for(var cnt = 0; cnt < strInput.length; cnt++) { c = strInput.charCodeAt(cnt); if (( ( c > 96 ) && ( c < 123 ) ) || ( ( c > 64 ) && ( c < 91 ) ) || ( ( c > 47 ) && ( c < 58 ) ) || ( c == 46 ) || ( c == 45 ) || ( c == 95 )) { EncodeUrl = EncodeUrl + String.fromCharCode(c); } else if ( c > 127 ) { EncodeUrl = EncodeUrl + '%u' + OutputEncoder_TwoByteHex(c); } else { EncodeUrl = EncodeUrl + '%' + OutputEncoder_SingleByteHex(c); } } return EncodeUrl; } function OutputEncoder_SingleByteHex( charC ) { if (charC == null) { return ''; } var SingleByteHex = charC.toString(16); for ( var cnt = SingleByteHex.length; cnt < 2; cnt++ ) { SingleByteHex = "0" + SingleByteHex; } return SingleByteHex; } function OutputEncoder_TwoByteHex( charC ) { if (charC == null) { return ''; } var TwoByteHex = charC.toString(16); for( var cnt = TwoByteHex.length; cnt < 4; cnt++ ) { TwoByteHex = "0" + TwoByteHex; } return TwoByteHex; } function OutputEncoder() { this.EncodeHtml = OutputEncoder_EncodeHtml; this.EncodeHtmlAttribute = OutputEncoder_EncodeHtmlAttribute; this.EncodeXml = OutputEncoder_EncodeXml; this.EncodeXmlAttribute = OutputEncoder_EncodeXmlAttribute; this.EncodeJs = OutputEncoder_EncodeJs; this.EncodeVbs = OutputEncoder_EncodeVbs; this.AsNumeric = OutputEncoder_AsNumeric; this.EncodeUrl = OutputEncoder_EncodeUrl; this.SingleByteHex = OutputEncoder_SingleByteHex; this.TwoByteHex = OutputEncoder_TwoByteHex; this.AsUrl = OutputEncoder_AsUrl; this.QualifyUrl = OutputEncoder_QualifyUrl; } var IOSec = new OutputEncoder(); // end // // we just move following code that wrote in defult page directly to here. // 07-14-2008 // By v-shmao Minesage Co Ltd function go(event) { document.getElementById('URLWarning').style.visibility = 'visible'; if (!document.getElementById('MyMaster_DemoPageInput_WebURL') == null) { return; } var url = document.getElementById('MyMaster_DemoPageInput_WebURL').value; document.getElementById('MyMaster_HiddenKeywordTextBox').value = document.getElementById('MyMaster_DemoPageInput_WebURL').value; url = url.replace(/\s+$/,""); if (warningUrl("@", url) || warningUrl("<", url) || warningUrl(">", url) || warningUrl(";", url)) { document.getElementById('URLWarning').innerHTML = "Please input a valid url!"; return; } if (warningShortUrl(".", url) || warningShortUrl("\\", url) || warningShortUrl("/", url) || url.indexOf(".") < 0) { document.getElementById('URLWarning').innerHTML = "Please input a valid url!"; return; } while(url.indexOf(" ") == 0) { url = url.replace(" ", ""); } if (url.indexOf(" ") >= 0) { document.getElementById('URLWarning').innerHTML = "Please input a valid url!"; return; } while(url.indexOf("\\") >= 0) { url = url.replace("\\", "/"); } if (!IsURL(url)) { document.getElementById('URLWarning').innerHTML = "Please input a valid url!"; return;} var urltitle = url.substr(0,7).toLowerCase(); if (urltitle != "http://" && urltitle != "https:/") { if (urltitle.indexOf("http:") == 0) { url = "http://" + url.substr(5); } else { if (urltitle.indexOf("//") == 0) { url = "http:" + url; } else { url = "http://" + url; } }; } document.getElementById('URLWarning').innerHTML = ""; if (document.getElementById('html_page') != null) { document.getElementById('html_page').style.visibility = "visible"; document.getElementById('html_page').src = url; document.getElementById('collectandstore').src = "/CollectSearchString.aspx?SearchString=" + url + "&DemoName=Ad Text Writer"; } if (document.getElementById('ads_result') != null) { document.getElementById('ads_result_title').style.visibility = "visible"; document.getElementById('ads_result').style.visibility = "visible"; document.getElementById('ads_result').src = ("Loading.aspx?Url=" + IOSec.EncodeUrl(url)); } } function warningUrl(urlInvalid, url) { if (url.indexOf(urlInvalid) >= 0) { return true; } return false; } function warningShortUrl(urlInvalid, url) { if (url.indexOf(urlInvalid) >= 0 && url.length < 5) { return true; } return false; } function keydown(event) { if (event.keyCode == 13) { go(); } } function IsURL(str) { str = str.replace(/\\/,"/"); var url = /^\s*http[s]*:\/\/[\w-]+\.[\w-]+[\/=\?%\-&_~`@[\]\':+!]*([^<>\"\"])*\s*$/; var partialUrl = /^\s*[\w-]+\.[\w-]+[\/=\?%\-&_~`@[\]\':+!]*([^<>\"\"])*\s*$/; return url.test(str.toLowerCase()) || partialUrl.test(str.toLowerCase()); } function ResetInput_local() { var input=document.getElementById("MyMaster_DemoPageInput_WebURL"); input.value=""; input.focus(); var result = document.getElementById('Demo_TableResult'); document.getElementById('URLWarning').style.visibility = 'hidden'; document.getElementById('html_page').style.visibility = 'hidden'; document.getElementById('ads_result_title').style.visibility = 'hidden'; document.getElementById('ads_result').style.visibility = 'hidden'; } //end // 07-14-2008 // By v-shmao Minesage Co Ltd