Skip to content
This repository was archived by the owner on Apr 6, 2021. It is now read-only.

Commit ea0b850

Browse files
author
chrisisbeef
committed
Repackaging Source
1 parent 4201c5e commit ea0b850

33 files changed

+3146
-0
lines changed

src/main/javascript/core.js

Lines changed: 332 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,332 @@
1+
/*
2+
* OWASP Enterprise Security API (ESAPI)
3+
*
4+
* This file is part of the Open Web Application Security Project (OWASP)
5+
* Enterprise Security API (ESAPI) project. For details, please see
6+
* <a href="http://www.owasp.org/index.php/ESAPI">http://www.owasp.org/index.php/ESAPI</a>.
7+
*
8+
* Copyright (c) 2008 - The OWASP Foundation
9+
*
10+
* The ESAPI is published by OWASP under the BSD license. You should read and accept the
11+
* LICENSE before you use, modify, and/or redistribute this software.
12+
*/
13+
14+
// Utility and Core API Methods
15+
var $namespace = function(name, separator, container){
16+
var ns = name.split(separator || '.'),
17+
o = container || window,
18+
i,
19+
len;
20+
for(i = 0, len = ns.length; i < len; i++){
21+
o = o[ns[i]] = o[ns[i]] || {};
22+
}
23+
return o;
24+
};
25+
26+
if (!$) {
27+
var $ = function( sElementID ) {
28+
return document.getElementById( sElementID );
29+
};
30+
}
31+
32+
if (!Array.prototype.each) {
33+
Array.prototype.each = function(fIterator) {
34+
if (typeof fIterator != 'function') {
35+
throw 'Illegal Argument for Array.each';
36+
}
37+
38+
for (var i = 0; i < this.length; i ++) {
39+
fIterator(this[i]);
40+
}
41+
};
42+
}
43+
44+
if (!Array.prototype.contains) {
45+
Array.prototype.contains = function(srch) {
46+
var found = false;
47+
this.each(function(e) {
48+
if ( ( srch.equals && srch.equals(e) ) || e == srch) {
49+
found = true;
50+
return;
51+
}
52+
});
53+
return found;
54+
};
55+
}
56+
57+
if (!Array.prototype.containsKey) {
58+
Array.prototype.containsKey = function(srch) {
59+
for ( var key in this ) {
60+
if ( key.toLowerCase() == srch.toLowerCase() ) {
61+
return true;
62+
}
63+
}
64+
return false;
65+
};
66+
}
67+
68+
if (!Array.prototype.getCaseInsensitive) {
69+
Array.prototype.getCaseInsensitive = function(key) {
70+
for (var k in this) {
71+
if (k.toLowerCase() == key.toLowerCase()) {
72+
return this[k];
73+
}
74+
}
75+
return null;
76+
};
77+
}
78+
79+
if (!String.prototype.charCodeAt) {
80+
String.prototype.charCodeAt = function( idx ) {
81+
var c = this.charAt(idx);
82+
for ( var i=0;i<65536;i++) {
83+
var s = String.fromCharCode(i);
84+
if ( s == c ) { return i; }
85+
}
86+
return 0;
87+
};
88+
}
89+
90+
if (!String.prototype.endsWith) {
91+
String.prototype.endsWith = function( test ) {
92+
return this.substr( ( this.length - test.length ), test.length ) == test;
93+
};
94+
}
95+
96+
// Declare Core Exceptions
97+
if ( !Exception ) {
98+
var Exception = function( sMsg, oException ) {
99+
this.cause = oException;
100+
this.errorMessage = sMsg;
101+
};
102+
103+
Exception.prototype = Error.prototype;
104+
105+
Exception.prototype.getCause = function() { return this.cause; };
106+
107+
Exception.prototype.getMessage = function() { return this.message; };
108+
109+
/**
110+
* This method creates the stacktrace for the Exception only when it is called the first time and
111+
* caches it for access after that. Since building a stacktrace is a fairly expensive process, we
112+
* only want to do it if it is called.
113+
*/
114+
Exception.prototype.getStackTrace = function() {
115+
if ( this.callstack ) {
116+
return this.callstack;
117+
}
118+
119+
if ( this.stack ) { // Mozilla
120+
var lines = stack.split("\n");
121+
for ( var i=0, len=lines.length; i<len; i ++ ) {
122+
if ( lines[i].match( /^\s*[A-Za-z0-9\=+\$]+\(/ ) ) {
123+
this.callstack.push(lines[i]);
124+
}
125+
}
126+
this.callstack.shift();
127+
return this.callstack;
128+
}
129+
else if ( window.opera && this.message ) { // Opera
130+
var lines = this.message.split('\n');
131+
for ( var i=0, len=lines.length; i<len; i++ ) {
132+
if ( lines[i].match( /^\s*[A-Za-z0-9\=+\$]+\(/ ) ) {
133+
var entry = lines[i];
134+
if ( lines[i+1] ) {
135+
entry += " at " + lines[i+1];
136+
i++;
137+
}
138+
this.callstack.push(entry);
139+
}
140+
}
141+
this.callstack.shift();
142+
return this.callstack;
143+
}
144+
else { // IE and Safari
145+
var currentFunction = arguments.callee.caller;
146+
while ( currentFunction ) {
147+
var fn = currentFunction.toString();
148+
var fname = fn.substring(fn.indexOf("function")+8,fn.indexOf("(")) || "anonymous";
149+
this.callstack.push(fname);
150+
currentFunction = currentFunction.caller;
151+
}
152+
return this.callstack;
153+
}
154+
};
155+
156+
Exception.prototype.printStackTrace = function( writer ) {
157+
var out = this.getMessage() + "|||" + this.getStackTrace().join( "|||" );
158+
159+
if ( this.cause ) {
160+
if ( this.cause.printStackTrace ) {
161+
out += "||||||Caused by " + this.cause.printStackTrace().replace( "\n", "|||" );
162+
}
163+
}
164+
165+
if ( !writer ) {
166+
return writer.replace( "|||", "\n" );
167+
} else if ( writer.value ) {
168+
writer.value = out.replace( "|||", "\n" );
169+
} else if ( writer.writeln ) {
170+
writer.writeln( out.replace( "|||", "\n" ) );
171+
} else if ( writer.innerHTML ) {
172+
writer.innerHTML = out.replace( "|||", "<br/>" );
173+
} else if ( writer.innerText ) {
174+
writer.innerText = out.replace( "|||", "<br/>" );
175+
} else if ( writer.append ) {
176+
writer.append( out.replace( "|||", "\n" ) );
177+
} else if ( writer instanceof Function ) {
178+
writer(out.replace( "|||", "\n" ) );
179+
}
180+
};
181+
}
182+
183+
if ( !RuntimeException ) {
184+
var RuntimeException = {};
185+
RuntimeException.prototype = Exception.prototype;
186+
}
187+
188+
if ( !IllegalArgumentException ) {
189+
var IllegalArgumentException = {};
190+
IllegalArgumentException.prototype = Exception.prototype;
191+
}
192+
193+
if ( !DateFormat ) {
194+
// Based on http://jacwright.com/projects/javascript/date_format
195+
var DateFormat = function( sFmt ) {
196+
197+
var fmt = sFmt;
198+
199+
var replaceChars = {
200+
longMonths: [ "January", "February", "March", "April", "May", "June", "July", "August", "September", "October", "November", "December" ],
201+
shortMonths: [ "Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" ],
202+
longDays: [ "Sunday", "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday" ],
203+
shortDays: [ "Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat" ],
204+
205+
// Day
206+
d: function(date) { return (date.getDate() < 10 ? '0' : '') + date.getDate(); },
207+
D: function(date) { return replaceChars.shortDays[date.getDay()]; },
208+
j: function(date) { return date.getDate(); },
209+
l: function(date) { return replaceChars.longDays[date.getDay()]; },
210+
N: function(date) { return date.getDay() + 1; },
211+
S: function(date) { return (date.getDate() % 10 == 1 && date.getDate() != 11 ? 'st' : (date.getDate() % 10 == 2 && date.getDate() != 12 ? 'nd' : (date.getDate() % 10 == 3 && date.getDate() != 13 ? 'rd' : 'th'))); },
212+
w: function(date) { return date.getDay(); },
213+
z: function(date) { return "Not Yet Supported"; },
214+
// Week
215+
W: function(date) { return "Not Yet Supported"; },
216+
// Month
217+
F: function(date) { return replaceChars.longMonths[date.getMonth()]; },
218+
m: function(date) { return (date.getMonth() < 9 ? '0' : '') + (date.getMonth() + 1); },
219+
M: function(date) { return replaceChars.shortMonths[date.getMonth()]; },
220+
n: function(date) { return date.getMonth() + 1; },
221+
t: function(date) { return "Not Yet Supported"; },
222+
// Year
223+
L: function(date) { return (((date.getFullYear()%4==0)&&(date.getFullYear()%100 != 0)) || (date.getFullYear()%400==0)) ? '1' : '0'; },
224+
o: function(date) { return "Not Supported"; },
225+
Y: function(date) { return date.getFullYear(); },
226+
y: function(date) { return ('' + date.getFullYear()).substr(2); },
227+
// Time
228+
a: function(date) { return date.getHours() < 12 ? 'am' : 'pm'; },
229+
A: function(date) { return date.getHours() < 12 ? 'AM' : 'PM'; },
230+
B: function(date) { return "Not Yet Supported"; },
231+
g: function(date) { return date.getHours() % 12 || 12; },
232+
G: function(date) { return date.getHours(); },
233+
h: function(date) { return ((date.getHours() % 12 || 12) < 10 ? '0' : '') + (date.getHours() % 12 || 12); },
234+
H: function(date) { return (date.getHours() < 10 ? '0' : '') + date.getHours(); },
235+
i: function(date) { return (date.getMinutes() < 10 ? '0' : '') + date.getMinutes(); },
236+
s: function(date) { return (date.getSeconds() < 10 ? '0' : '') + date.getSeconds(); },
237+
// Timezone
238+
e: function(date) { return "Not Yet Supported"; },
239+
I: function(date) { return "Not Supported"; },
240+
O: function(date) { return (-date.getTimezoneOffset() < 0 ? '-' : '+') + (Math.abs(date.getTimezoneOffset() / 60) < 10 ? '0' : '') + (Math.abs(date.getTimezoneOffset() / 60)) + '00'; },
241+
P: function(date) { return (-date.getTimezoneOffset() < 0 ? '-' : '+') + (Math.abs(date.getTimezoneOffset() / 60) < 10 ? '0' : '') + (Math.abs(date.getTimezoneOffset() / 60)) + ':' + (Math.abs(date.getTimezoneOffset() % 60) < 10 ? '0' : '') + (Math.abs(date.getTimezoneOffset() % 60)); },
242+
T: function(date) { var m = date.getMonth(); date.setMonth(0); var result = date.toTimeString().replace(/^.+ \(?([^\)]+)\)?$/, '$1'); date.setMonth(m); return result;},
243+
Z: function(date) { return -date.getTimezoneOffset() * 60; },
244+
// Full Date/Time
245+
c: function(date) { return date.format("Y-m-d") + "T" + date.format("H:i:sP"); },
246+
r: function(date) { return date.toString(); },
247+
U: function(date) { return date.getTime() / 1000; }
248+
};
249+
250+
251+
return {
252+
format: function(oDate) {
253+
var out = '';
254+
for(var i=0;i<fmt.length;i++) {
255+
var c = fmt.charAt(i);
256+
if ( replaceChars[c] ) {
257+
out += replaceChars[c].call(oDate);
258+
} else {
259+
out += c;
260+
}
261+
}
262+
return out;
263+
}
264+
};
265+
};
266+
267+
DateFormat.getDateInstance = function() {
268+
return new DateFormat("M/d/y h:i a");
269+
};
270+
}
271+
272+
$namespace('org.owasp.esapi');
273+
274+
org.owasp.esapi.ESAPI = function( oProperties ) {
275+
var _properties = oProperties;
276+
277+
if ( !_properties ) throw new RuntimeException("Configuration Error - Unable to load $ESAPI_Properties Object");
278+
279+
var _encoder = null;
280+
var _validator = null;
281+
var _logFactory = null;
282+
var _resourceBundle = null;
283+
284+
return {
285+
properties: _properties,
286+
287+
encoder: function() {
288+
if (!_properties.encoder.Implementation) throw new RuntimeException('Configuration Error - $ESAPI.properties.encoder.Implementation object not found.');
289+
if (!_encoder) {
290+
_encoder = new _properties.encoder.Implementation();
291+
}
292+
return _encoder;
293+
},
294+
295+
logFactory: function() {
296+
if (!_properties.logging.Implementation) throw new RuntimeException('Configuration Error - $ESAPI.properties.logging.Implementation object not found.');
297+
if ( !_logFactory ) {
298+
_logFactory = new _properties.logging.Implementation();
299+
}
300+
return _logFactory;
301+
},
302+
303+
logger: function(sModuleName) {
304+
return this.logFactory().getLogger(sModuleName);
305+
},
306+
307+
locale: function() {
308+
return org.owasp.esapi.i18n.Locale.getLocale( _properties.localization.DefaultLocale );
309+
},
310+
311+
resourceBundle: function() {
312+
if (!_resourceBundle) {
313+
_resourceBundle = org.owasp.esapi.i18n.ResourceBundle.getResourceBundle( _properties.localization.StandardResourceBundle, this.locale() );
314+
}
315+
return _resourceBundle;
316+
},
317+
318+
validator: function() {
319+
if (!_properties.validation.Implementation) throw new RuntimeException('Configuration Error - $ESAPI.properties.validation.Implementation object not found.');
320+
if (!_validator) {
321+
_validator = new _properties.validation.Implementation();
322+
}
323+
return _validator;
324+
}
325+
};
326+
};
327+
328+
var $ESAPI = null;
329+
330+
org.owasp.esapi.ESAPI.initialize = function() {
331+
$ESAPI = new org.owasp.esapi.ESAPI( Base.esapi.properties );
332+
};

src/main/javascript/org/owasp/esapi/Encoder.js

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
/*
2+
* OWASP Enterprise Security API (ESAPI)
3+
*
4+
* This file is part of the Open Web Application Security Project (OWASP)
5+
* Enterprise Security API (ESAPI) project. For details, please see
6+
* <a href="http://www.owasp.org/index.php/ESAPI">http://www.owasp.org/index.php/ESAPI</a>.
7+
*
8+
* Copyright (c) 2008 - The OWASP Foundation
9+
*
10+
* The ESAPI is published by OWASP under the BSD license. You should read and accept the
11+
* LICENSE before you use, modify, and/or redistribute this software.
12+
*/
13+
14+
$namespace('org.owasp.esapi');
15+
16+
org.owasp.esapi.Encoder = function() {
17+
18+
}

src/main/javascript/org/owasp/esapi/EncoderConstants.js

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
/*
2+
* OWASP Enterprise Security API (ESAPI)
3+
*
4+
* This file is part of the Open Web Application Security Project (OWASP)
5+
* Enterprise Security API (ESAPI) project. For details, please see
6+
* <a href="http://www.owasp.org/index.php/ESAPI">http://www.owasp.org/index.php/ESAPI</a>.
7+
*
8+
* Copyright (c) 2008 - The OWASP Foundation
9+
*
10+
* The ESAPI is published by OWASP under the BSD license. You should read and accept the
11+
* LICENSE before you use, modify, and/or redistribute this software.
12+
*/
13+
14+
$namespace('org.owasp.esapi');
15+
16+
org.owasp.esapi.EncoderConstants = {
17+
CHAR_LOWERS: [ 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z' ],
18+
CHAR_UPPERS: [ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z' ],
19+
CHAR_DIGITS: [ '0', '1', '2', '3', '4', '5', '6', '7', '8', '9' ],
20+
CHAR_SPECIALS: [ '!', '$', '*', '+', '-', '.', '=', '?', '@', '^', '_', '|', '~' ],
21+
CHAR_LETTERS: [ 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z' ],
22+
CHAR_ALNUM: [ 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9' ]
23+
};

0 commit comments

Comments
 (0)