12

我正在为具有 inApp 邮件发送功能的 iPhone 开发应用程序。到目前为止一切顺利,但现在我想避免 html 注入,因为邮件的某些部分是用户生成的文本。

基本上我搜索这样的东西:

// inits
NSString *sourceString = [NSString stringWithString:@"Hello world! Grüße dich Welt <-- This is in German."];

//                                          -----   THAT'S WHAT I'M LOOKING FOR
// pseudo-code                              |
//                                          V
NSString *htmlEncodedString = [sourceString htmlEncode];

// log
NSLog(@"source string: %@", sourceString);
NSLog(@"encoded string: %@", htmlEncodedString);

预期的输出
source string: Hello world! Grüße dich Welt <-- This is in German.
encoded string: Hello world! Gr&#252;&#223;e dich Welt &lt;-- This is in German.

我已经用谷歌搜索并查看了几个 SO 的问题和答案,但所有这些似乎都与URL 编码有关,这不是我真正需要的(我试过stringByAddingPercentEscapesUsingEncoding没有运气 - 它创建 %C3%BC 出'ü' 应该是 ü)。

代码示例真的很棒(纠正我的?)...

——
提前感谢,
马库斯

4

6 回答 6

17

查看我的NSString 类别的 HTML。以下是可用的方法:

- (NSString *)stringByConvertingHTMLToPlainText;
- (NSString *)stringByDecodingHTMLEntities;
- (NSString *)stringByEncodingHTMLEntities;
- (NSString *)stringWithNewLinesAsBRs;
- (NSString *)stringByRemovingNewLinesAndWhitespace;
于 2010-05-16T11:03:19.047 回答
11

谢谢@所有人。我最终使用了自己的实现:

//
// _________________________________________
//
// textToHtml
// _________________________________________
//
- (NSString*)textToHtml:(NSString*)htmlString {
    htmlString = [htmlString stringByReplacingOccurrencesOfString:@"&"  withString:@"&amp;"];
    htmlString = [htmlString stringByReplacingOccurrencesOfString:@"<"  withString:@"&lt;"];
    htmlString = [htmlString stringByReplacingOccurrencesOfString:@">"  withString:@"&gt;"];
    htmlString = [htmlString stringByReplacingOccurrencesOfString:@"""" withString:@"&quot;"];    
    htmlString = [htmlString stringByReplacingOccurrencesOfString:@"'"  withString:@"&#039;"];
    htmlString = [htmlString stringByReplacingOccurrencesOfString:@"\n" withString:@"<br>"];
    return htmlString;
}
于 2009-11-04T11:21:40.343 回答
3

@Markus 代码的一点改进【将<br />改为<p></p>,转义多个空格】

- (NSString*)textToHtml:(NSString*)htmlString {
    htmlString = [htmlString stringByReplacingOccurrencesOfString:@"&"  withString:@"&amp;"];
    htmlString = [htmlString stringByReplacingOccurrencesOfString:@"<"  withString:@"&lt;"];
    htmlString = [htmlString stringByReplacingOccurrencesOfString:@">"  withString:@"&gt;"];
    htmlString = [htmlString stringByReplacingOccurrencesOfString:@"""" withString:@"&quot;"];
    htmlString = [htmlString stringByReplacingOccurrencesOfString:@"'"  withString:@"&#039;"];

    htmlString = [@"<p>" stringByAppendingString:htmlString];
    htmlString = [htmlString stringByAppendingString:@"</p>"];
    htmlString = [htmlString stringByReplacingOccurrencesOfString:@"\n" withString:@"</p><p>"];
//  htmlString = [htmlString stringByReplacingOccurrencesOfString:@"\n" withString:@"<br />"];
    while ([htmlString rangeOfString:@"  "].length > 0) {
        htmlString = [htmlString stringByReplacingOccurrencesOfString:@"  " withString:@"&nbsp;&nbsp;"];
    }
    return htmlString;
}
于 2014-02-14T08:19:24.040 回答
1

我一直在寻找类似的解决方案,这为我完成了工作

NSString* value = @"<&>";
const void* keys[1] = {CFSTR("somekey")};
const void* values[1] = {value};    
CFDictionaryRef dicRef =  CFDictionaryCreate(kCFAllocatorDefault, keys, values, 1, nil, nil);    
CFDataRef dataRef = CFPropertyListCreateData(kCFAllocatorDefault, dicRef, kCFPropertyListXMLFormat_v1_0, 0, NULL);    
NSString *str = [[NSString alloc]initWithData:(NSData *)dataRef encoding:NSUTF8StringEncoding];    
NSRange start =[str rangeOfString:@"string>"];
NSRange end =[str rangeOfString:@"</string"];    
NSString *substr = [str substringWithRange:NSMakeRange(start.location+start.length, end.location-(start.location+start.length))];
[str release];
CFRelease(dicRef);
CFRelease(dataRef);

//子字符串现在是html实体编码的

我正在使用保存 plist 文件时使用的一些功能。我希望这有帮助。

于 2011-10-01T08:07:41.650 回答
1

我正在扩展@Markus 答案,因为我的情况是我正在发送 JSON 字符串,所以我需要添加一些转义,这些是我的功能:

注意:来自 w3schools 的异常参考。https://www.w3schools.com/tags/ref_urlencode.asp

- (NSString*)convertStringToHTMLEscape:(NSString*)stringContent
{
    stringContent = [stringContent stringByReplacingOccurrencesOfString:@"{" withString:@"%7B"];
    stringContent = [stringContent stringByReplacingOccurrencesOfString:@"}" withString:@"%7D"];
    stringContent = [stringContent stringByReplacingOccurrencesOfString:@"[" withString:@"%5B"];
    stringContent = [stringContent stringByReplacingOccurrencesOfString:@"]" withString:@"%5D"];
    stringContent = [stringContent stringByReplacingOccurrencesOfString:@" " withString:@"%20"];
    stringContent = [stringContent stringByReplacingOccurrencesOfString:@"\"" withString:@"%22"];
    stringContent = [stringContent stringByReplacingOccurrencesOfString:@"\\" withString:@"%5C"];
    stringContent = [stringContent stringByReplacingOccurrencesOfString:@"/" withString:@"%2F"];

    return stringContent;
}
于 2017-07-06T13:55:36.517 回答
0

假设电子邮件的字符编码支持 Unicode(例如 UTF-8),您是否可以不只是查找和替换出现的<,>&,和?&lt&gt&amp;

于 2009-11-03T12:02:18.880 回答