2002/css-validator/org/w3c/css/css CssStyleRule.java,1.5,1.6 from Sijtsche Smeman on 2004-11-25 (www-validator-cvs@w3.org from November 2004)

From: Sijtsche Smeman <sijtsche@dev.w3.org>
Date: Thu, 25 Nov 2004 13:24:52 +0000
To: www-validator-cvs@w3.org
Message-ID: <E1CXJcC-0002iB-8X@lionel-hutz.w3.org>
Update of /sources/public/2002/css-validator/org/w3c/css/css
In directory hutz:/tmp/cvs-serv10415/css

Modified Files:
	CssStyleRule.java 
Log Message:
output escaped to prevent malicious HTML or script to be executed

Index: CssStyleRule.java
===================================================================
RCS file: /sources/public/2002/css-validator/org/w3c/css/css/CssStyleRule.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- CssStyleRule.java	28 Oct 2003 16:00:51 -0000	1.5
+++ CssStyleRule.java	25 Nov 2004 13:24:50 -0000	1.6
@@ -8,93 +8,94 @@
 import java.util.Vector;
 import java.io.PrintWriter;
 
+import org.w3c.css.util.Util;
 import org.w3c.css.properties.CssProperty;
 
 
 public class CssStyleRule {
 
     public CssStyleRule(String indent, String selectors, 
-			Vector properties, boolean important) {
-	this.selectors = selectors;
-	this.properties = properties;
-	this.important = important;
-	this.indent = indent;
+            Vector properties, boolean important) {
+    this.selectors = selectors;
+    this.properties = properties;
+    this.important = important;
+    this.indent = indent;
     }
 
     public String toString() {
-	StringBuffer ret = new StringBuffer();
-	if (selectors != null) {
-	    ret.append(selectors);
-	    ret.append(' ');
-	    ret.append('{');
-	    ret.append('\n');
-	}
+    StringBuffer ret = new StringBuffer();
+    if (selectors != null) {
+        ret.append(selectors);
+        ret.append(' ');
+        ret.append('{');
+        ret.append('\n');
+    }
 
-	for (int i = 0; i < properties.size() ; i++) {
-	    CssProperty property = (CssProperty)properties.elementAt(i);
-	    ret.append(indent);
-	    ret.append("   ");
-	    ret.append(property.getPropertyName());
-	    ret.append(" : ");
-	    ret.append(property.toString());
-	    if (property.getImportant()) {
-		ret.append(" important");
-	    }
-	    ret.append(';');
-	    ret.append('\n');
-	}
-	if (selectors != null) {
-	    ret.append(indent);
-	    ret.append('}');
-	    ret.append('\n');
-	    ret.append('\n');
-	}
-	return ret.toString();
+    for (int i = 0; i < properties.size() ; i++) {
+        CssProperty property = (CssProperty)properties.elementAt(i);
+        ret.append(indent);
+        ret.append("   ");
+        ret.append(property.getPropertyName());
+        ret.append(" : ");
+        ret.append(property.toString());
+        if (property.getImportant()) {
+        ret.append(" important");
+        }
+        ret.append(';');
+        ret.append('\n');
+    }
+    if (selectors != null) {
+        ret.append(indent);
+        ret.append('}');
+        ret.append('\n');
+        ret.append('\n');
+    }
+    return ret.toString();
     }
 /*
     public String toHTML() {
-	StringBuffer ret = new StringBuffer("<li><span class='selector'>"); 
-	if (selectors != null) {
-	    ret.append(selectors);
-	    ret.append("</span> {<ul class='vRule'>\n");
-	}
+    StringBuffer ret = new StringBuffer("<li><span class='selector'>"); 
+    if (selectors != null) {
+        ret.append(selectors);
+        ret.append("</span> {<ul class='vRule'>\n");
+    }
 
-	for (int i = 0; i < properties.size() ; i++) {
-	    CssProperty property = (CssProperty)properties.elementAt(i);
-	    ret.append("<li>");
-	    ret.append(property.getPropertyName());
-	    ret.append(" : <span class='vPropertyValue'>");
-	    ret.append(property.toString());
-	    ret.append("</span>");
-	    if (property.getImportant()) {
-		ret.append(" !important");
-	    }
-	    ret.append(";</li>\n");
-	}
-	ret.append("</ul>}</li>\n\n");
-	return ret.toString();
+    for (int i = 0; i < properties.size() ; i++) {
+        CssProperty property = (CssProperty)properties.elementAt(i);
+        ret.append("<li>");
+        ret.append(property.getPropertyName());
+        ret.append(" : <span class='vPropertyValue'>");
+        ret.append(property.toString());
+        ret.append("</span>");
+        if (property.getImportant()) {
+        ret.append(" !important");
+        }
+        ret.append(";</li>\n");
+    }
+    ret.append("</ul>}</li>\n\n");
+    return ret.toString();
     }
 */
     public void toHTML(PrintWriter out) {
-	out.print("<li><span class='selector'>"); 
-	if (selectors != null) {
-	    out.print(selectors);
-	    out.print("</span> {<ul class='vRule'>\n");
-	}
+    out.print("<li><span class='selector'>"); 
+    if (selectors != null) {
+        out.print(selectors);
+        out.print("</span> {<ul class='vRule'>\n");
+    }
 
-	for (int i = 0; i < properties.size() ; i++) {
-	    CssProperty property = (CssProperty)properties.elementAt(i);
-	    out.print("<li>");
-	    out.print(property.getPropertyName());
-	    out.print(" : <span class='vPropertyValue'>");
-	    out.print(property.toString());
-	    out.print("</span>");
-	    if (property.getImportant()) {
-		out.print(" !important");
-	    }
-	    out.print(";</li>\n");
-	}
-	out.print("</ul>}</li>\n\n");
+    for (int i = 0; i < properties.size() ; i++) {
+        CssProperty property = (CssProperty)properties.elementAt(i);
+        out.print("<li>");
+        out.print(Util.escapeHTML(property.getPropertyName()));
+        out.print(" : <span class='vPropertyValue'>");
+        out.print(Util.escapeHTML(property.toString()));
+        out.print("</span>");
+        if (property.getImportant()) {
+        out.print(" !important");
+        }
+        out.print(";</li>\n");
+    }
+    out.print("</ul>}</li>\n\n");
     }
     
     private String indent;
Received on Thursday, 25 November 2004 13:24:53 UTC