复制代码 代码如下:
//String对象的静态方法
Object.extend(String, {
interpret: function(value) {
return value == null ? '' : String(value);
},
specialChar: {
'\b': '\\b',
'\t': '\\t',
'\n': '\\n',
'\f': '\\f',
'\r': '\\r',
'\\': '\\\\'
}
});
Object.extend(String.prototype, (function() {
//内部方法,为gsub和sub函数初始化replacement参数
function prepareReplacement(replacement) {
if (Object.isFunction(replacement)) return replacement;
var template = new Template(replacement);
return function(match) { return template.evaluate(match) };
}
//用replacement替换所有符合pattern的字符串
//注意当replacement不为函数时,这里面会有一个递归调用,其中参数pattern会变为Template.pattern
//可以参考Template的evaluate方法,这里构造的非常巧妙,在while循环里的else部分会处理这个递归调用的结果
function gsub(pattern, replacement) {
var result = '', source = this, match;
replacement = prepareReplacement(replacement);
if (Object.isString(pattern))
pattern = RegExp.escape(pattern);
//如果pattern参数为null或者'',用把整个字符串按照单个字符分割,并且在每个字符的前后添加replacement
if (!(pattern.length || pattern.source)) {
replacement = replacement('');
return replacement + source.split('').join(replacement) + replacement;
}
while (source.length > 0) {
//如果source匹配pattern
if (match = source.match(pattern)) {
//取出匹配之前的字符串
result += source.slice(0, match.index);
//匹配替换
result += String.interpret(replacement(match));
//把匹配字符之后的部分赋给source,进行下一次匹配
source = source.slice(match.index + match[0].length);
} else { //如果source不匹配pattern,则直接把source添加到结果上,并把source置空,结束循环
result += source, source = '';
}
}
return result;
}
//基本意思和gsub一样,只不过多一个count参数,表示要替换几次
function sub(pattern, replacement, count) {
replacement = prepareReplacement(replacement);
count = Object.isUndefined(count) ? 1 : count;
return this.gsub(pattern, function(match) {
if (--count < 0) return match[0];
return replacement(match);
});
}
//对符合pattern的字符串进行iterator调用
function scan(pattern, iterator) {
this.gsub(pattern, iterator);
return String(this);
}
//按照给定长度截断字符串
function truncate(length, truncation) {
length = length || 30;
truncation = Object.isUndefined(truncation) ? '...' : truncation;
return this.length > length ?
this.slice(0, length - truncation.length) + truncation : String(this);
}
//剔除字符串前后空格
function strip() {
return this.replace(/^\s+/, '').replace(/\s+$/, '');
}
//把字符串的html标记剔除
function stripTags() {
return this.replace(/<\w+(\s+("[^"]*"|'[^']*'|[^>])+)?>|<\/\w+>/gi, '');
}
//把字符串中的script标记剔除
function stripScripts() {
return this.replace(new RegExp(Prototype.ScriptFragment, 'img'), '');
}
//获取字符串中的script内容
function extractScripts() {
var matchAll = new RegExp(Prototype.ScriptFragment, 'img');
var matchOne = new RegExp(Prototype.ScriptFragment, 'im');
return (this.match(matchAll) || []).map(function(scriptTag) {
return (scriptTag.match(matchOne) || ['', ''])[1];
});
}
//执行字符串中的script内容
function evalScripts() {
return this.extractScripts().map(function(script) { return eval(script) });
}
//转义HTML内容,例如把'<>&'等特殊字符替换成标准的HTML表达形式
function escapeHTML() {
escapeHTML.text.data = this;
return escapeHTML.div.innerHTML;
}
function unescapeHTML() {
var div = document.createElement('div');
div.innerHTML = this.stripTags();
return div.childNodes[0] ? (div.childNodes.length > 1 ?
$A(div.childNodes).inject('', function(memo, node) { return memo+node.nodeValue }) :
div.childNodes[0].nodeValue) : '';
}
//按照separator参数把字符串分割成查询参数形式
function toQueryParams(separator) {
var match = this.strip().match(/([^?#]*)(#.*)?$/);
if (!match) return { };
return match[1].split(separator || '&').inject({ }, function(hash, pair) {
if ((pair = pair.split('='))[0]) {
var key = decodeURIComponent(pair.shift());
var value = pair.length > 1 ? pair.join('=') : pair[0];
if (value != undefined) value = decodeURIComponent(value);
if (key in hash) {
if (!Object.isArray(hash[key])) hash[key] = [hash[key]];
hash[key].push(value);
}
else hash[key] = value;
}
return hash;
});
}
function toArray() {
return this.split('');
}
//返回字符串的字符
function succ() {
return this.slice(0, this.length - 1) +
String.fromCharCode(this.charCodeAt(this.length - 1) + 1);
}
//获得重复的字符串
function times(count) {
return count < 1 ? '' : new Array(count + 1).join(this);
}
//把css样式类型的字符串转换成脚本形式
function camelize() {
var parts = this.split('-'), len = parts.length;
if (len == 1) return parts[0];
var camelized = this.charAt(0) == '-'
? parts[0].charAt(0).toUpperCase() + parts[0].substring(1)
: parts[0];
for (var i = 1; i < len; i++)
camelized += parts[i].charAt(0).toUpperCase() + parts[i].substring(1);
return camelized;
}
//首字母大写
function capitalize() {
return this.charAt(0).toUpperCase() + this.substring(1).toLowerCase();
}
//'borderBottomWidth'.underscore();
// -> 'border_bottom_width'
function underscore() {
return this.gsub(/::/, '/').gsub(/([A-Z]+)([A-Z][a-z])/,'#{1}_#{2}').gsub(/([a-z\d])([A-Z])/,'#{1}_#{2}').gsub(/-/,'_').toLowerCase();
}
//'border_bottom_width'.dasherize();
// -> 'border-bottom-width'
function dasherize() {
return this.gsub(/_/,'-');
}
//Returns a debug-oriented version of the string(返回一个用来调式的字符串)
function inspect(useDoubleQuotes) {
var escapedString = this.gsub(/[\x00-\x1f\\]/, function(match) {
var character = String.specialChar[match[0]];
return character ? character : '\\u00' + match[0].charCodeAt().toPaddedString(2, 16);
});
if (useDoubleQuotes) return '"' + escapedString.replace(/"/g, '\\"') + '"';
return "'" + escapedString.replace(/'/g, '\\\'') + "'";
}
function toJSON() {
return this.inspect(true);
}
function unfilterJSON(filter) {
return this.sub(filter || Prototype.JSONFilter, '#{1}');
}
function isJSON() {
var str = this;
if (str.blank()) return false;
str = this.replace(/\\./g, '@').replace(/"[^"\\\n\r]*"/g, '');
return (/^[,:{}\[\]0-9.\-+Eaeflnr-u \n\r\t]*$/).test(str);
}
//Strips comment delimiters around Ajax JSON or JavaScript responses. This security method is called internally.
function evalJSON(sanitize) {
var json = this.unfilterJSON();
try {
if (!sanitize || json.isJSON()) return eval('(' + json + ')');
} catch (e) { }
throw new SyntaxError('Badly formed JSON string: ' + this.inspect());
}
function include(pattern) {
return this.indexOf(pattern) > -1;
}
function startsWith(pattern) {
return this.indexOf(pattern) === 0;
}
function endsWith(pattern) {
var d = this.length - pattern.length;
return d >= 0 && this.lastIndexOf(pattern) === d;
}
function empty() {
return this == '';
}
function blank() {
return /^\s*$/.test(this);
}
//和Template的evaluate方法一样
function interpolate(object, pattern) {
return new Template(this, pattern).evaluate(object);
}
return {
gsub: gsub,
sub: sub,
scan: scan,
truncate: truncate,
strip: String.prototype.trim ? String.prototype.trim : strip,
stripTags: stripTags,
stripScripts: stripScripts,
extractScripts: extractScripts,
evalScripts: evalScripts,
escapeHTML: escapeHTML,
unescapeHTML: unescapeHTML,
toQueryParams: toQueryParams,
parseQuery: toQueryParams,
toArray: toArray,
succ: succ,
times: times,
camelize: camelize,
capitalize: capitalize,
underscore: underscore,
dasherize: dasherize,
inspect: inspect,
toJSON: toJSON,
unfilterJSON: unfilterJSON,
isJSON: isJSON,
evalJSON: evalJSON,
include: include,
startsWith: startsWith,
endsWith: endsWith,
empty: empty,
blank: blank,
interpolate: interpolate
};
})());
Object.extend(String.prototype.escapeHTML, {
div: document.createElement('div'),
text: document.createTextNode('')
});
String.prototype.escapeHTML.div.appendChild(String.prototype.escapeHTML.text);
//以下估计是解决浏览器兼容问题
if ('<\n>'.escapeHTML() !== '<\n>') {
String.prototype.escapeHTML = function() {
return this.replace(/&/g,'&').replace(/</g,'<').replace(/>/g,'>');
};
}
if ('<\n>'.unescapeHTML() !== '<\n>') {
String.prototype.unescapeHTML = function() {
return this.stripTags().replace(/</g,'<').replace(/>/g,'>').replace(/&/g,'&');
};
}
blank
camelize
capitalize
dasherize
empty
endsWith
escapeHTML
evalJSON
evalScripts
extractScripts
gsub
include
inspect
interpolate
isJSON
parseQuery
scan
startsWith
strip
stripScripts
stripTags
sub
succ
times
toArray
toJSON
toQueryParams
truncate
underscore
unescapeHTML
unfilterJSON
下面只给出一些重要方法的例子,简单方法就略过了
escapeHTML() /unescapeHTML() :
复制代码 代码如下:
'<div class="article">This is an article</div>'.escapeHTML();
// -> "<div class="article">This is an article</div>"
'x > 10'.unescapeHTML()
// -> 'x > 10' '<h1>Pride & Prejudice</h1>'.unescapeHTML()
// -> 'Pride & Prejudice'
evalJSON() /evalScripts() :
String对象里面的有几个方法是为了防止XSS Attack攻击的,有兴趣的可以搜一下,下面给出XSS的概念:
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users.
复制代码 代码如下:
var person = '{ "name": "Violet", "occupation": "character" }'.evalJSON();
person.name;
//-> "Violet"
person = 'grabUserPassword()'.evalJSON(true);
//-> SyntaxError: Badly formed JSON string: 'grabUserPassword()'
person = '/*-secure-\n{"name": "Violet", "occupation": "character"}\n*/'.evalJSON()
person.name;
//-> "Violet"
复制代码 代码如下:
'lorem... <script type="text/javascript"><!--
2 + 2
// --></script>'.evalScripts();
// -> [4]
'<script type="text/javascript"><!--
2 + 2
// --></script><script type="text/javascript"><!--
alert("hello world!")
// --></script>'.evalScripts();
// -> [4, undefined] (and displays 'hello world!' in the alert dialog)
gsub() /sub() :
复制代码 代码如下:
var mouseEvents = 'click dblclick mousedown mouseup mouseover mousemove mouseout'; mouseEvents.gsub(' ', ', ');
// -> 'click, dblclick, mousedown, mouseup, mouseover, mousemove, mouseout'
mouseEvents.gsub(/\w+/, function(match){return 'on' + match[0].capitalize()});
// -> 'onClick onDblclick onMousedown onMouseup onMouseover onMousemove onMouseout'
var markdown = '![a pear](/img/pear.jpg) ![an orange](/img/orange.jpg)';
markdown.gsub(/!\[(.*?)\]\((.*?)\)/, function(match){ return '<img alt="' + match[1] + '" src="/UploadFiles/2021-04-02/' + match[2] + '">// -> '<img alt="a pear" src="/UploadFiles/2021-04-02/pear.jpg">
//==================================================
var fruits = 'apple pear orange';
fruits.sub(' ', ', '); // -> 'apple, pear orange'
fruits.sub(' ', ', ', 1); // -> 'apple, pear orange'
fruits.sub(' ', ', ', 2); // -> 'apple, pear, orange'
fruits.sub(/\w+/, function(match){return match[0].capitalize() + ','}, 2);
// -> 'Apple, Pear, orange'
var markdown = '![a pear](/img/pear.jpg) ![an orange](/img/orange.jpg)';
markdown.sub(/!\[(.*?)\]\((.*?)\)/, function(match){ return '<img alt="' + match[1] + '" src="/UploadFiles/2021-04-02/' + match[2] + '">// -> '<img alt="a pear" src="/UploadFiles/2021-04-02/pear.jpg">
markdown.sub(/!\[(.*?)\]\((.*?)\)/, '<img alt="#{1}" src="/UploadFiles/2021-04-02/#{2}">// -> '<img alt="a pear" src="/UploadFiles/2021-04-02/pear.jpg">
interpolate() :
复制代码 代码如下:
"#{animals} on a #{transport}".interpolate({ animals: "Pigs", transport: "Surfboard" });
//-> "Pigs on a Surfboard"
scan() :
复制代码 代码如下:
var fruits = [];
'apple, pear & orange'.scan(/\w+/, function(match){ fruits.push(match[0])}); fruits.inspect()
// -> ['apple', 'pear', 'orange']
times() :
复制代码 代码如下:
"echo ".times(3); //-> "echo echo echo "
toQueryParams():
复制代码 代码如下:
'section=blog&id=45'.toQueryParams();
// -> {section: 'blog', id: '45'}
'section=blog;id=45'.toQueryParams();
// -> {section: 'blog', id: '45'}
'http://www.example.com?section=blog&id=45#comments'.toQueryParams();
// -> {section: 'blog', id: '45'}
'section=blog&tag=javascript&tag=prototype&tag=doc'.toQueryParams();
// -> {section: 'blog', tag:['javascript', 'prototype', 'doc']}
'tag=ruby%20on%20rails'.toQueryParams();
// ->