© 2009 Google - Privacy Policy - Terms and Conditions - About Google
See: Description
| Interface | Description |
|---|---|
| ShortCircuitable |
An interface that may be implemented by a SoyPrintDirective to inform callers that it will
short-circuit execution for certain kinds of inputs.
|
| Class | Description |
|---|---|
| AbstractGenerateSoyEscapingDirectiveCode |
Abstract class for generating code relied upon by escaping directives.
|
| AbstractGenerateSoyEscapingDirectiveCode.FileRef |
A file reference like
<input path="foo.txt"/>. |
| AbstractGenerateSoyEscapingDirectiveCode.FunctionNamePredicate |
A wrapper around a library function name predicate like
<libdefined name="goog.*"/>. |
| AbstractStreamingHtmlEscaper |
A delegating
LoggingAdvisingAppendable that can detect when the appendable is in an html
context or not. |
| ApiCallScopeUtils |
Shared utilities for working with the ApiCallScope.
|
| DelTemplateSelector<T> |
Utility for applying deltemplate selection logic to an arbitrary set of values.
|
| DelTemplateSelector.Builder<T> |
A Builder for DelTemplateSelector.
|
| DirectiveDigest |
The identifiers associated with the support for a particular escaping directive.
|
| EscapingConventions |
Definitions of escaping functions that behave consistently in JavaScript and Java that implement
the escaping directives as in
{print $x |escapeJsString}. |
| EscapingConventions.CrossLanguageStringXform |
A transformation on strings that preserves some correctness or safety properties.
|
| EscapingConventions.Escape |
A mapping from a plain text character to the escaped text in the target language.
|
| EscapingConventions.EscapeCssString |
Implements the
|escapeCssString directive which allows arbitrary content to be included
in a CSS quoted string or identifier. |
| EscapingConventions.EscapeHtml |
Implements the
|escapeHtml directive. |
| EscapingConventions.EscapeHtmlNospace |
Implements the
|escapeHtmlNoSpace directive which allows arbitrary content to be
included in the value of an unquoted HTML attribute. |
| EscapingConventions.EscapeJsRegex |
Implements the
|escapeJsRegex directive which allows arbitrary content to be included
inside a JavaScript regular expression. |
| EscapingConventions.EscapeJsString |
Implements the
|escapeJsString directive which allows arbitrary content to be included
inside a quoted JavaScript string. |
| EscapingConventions.EscapeUri |
Implements the
|escapeUri directive which allows arbitrary content to be included in a
URI regardless of the string delimiters of the the surrounding language. |
| EscapingConventions.FilterCssValue |
Implements the
|filterCssValue directive which filters out strings that are not valid
CSS property names, keyword values, quantities, hex colors, or ID or class literals. |
| EscapingConventions.FilterHtmlAttributes |
Implements the
|filterHtmlAttributes directive which filters out identifiers that can't
appear as part of an HTML tag or attribute name. |
| EscapingConventions.FilterHtmlElementName |
Implements the
|filterHtmlElementName directive which filters out identifiers that
can't appear as part of an HTML tag or attribute name. |
| EscapingConventions.FilterImageDataUri |
Accepts only data URI's that contain an image.
|
| EscapingConventions.FilterNormalizeMediaUri |
Like
EscapingConventions.FilterNormalizeUri, but also accepts data: and blob: URIs, since
image sources don't execute script in the same origin as the page (although image handling
0-days are available from time to time, but a templating language can't realistically try to
protect against such a thing). |
| EscapingConventions.FilterNormalizeUri |
Like
EscapingConventions.NormalizeUri but filters out dangerous protocols. |
| EscapingConventions.FilterSipUri |
Accepts only sip URIs but does not verify complete correctness.
|
| EscapingConventions.FilterTelUri |
Accepts only tel URIs but does not verify complete correctness.
|
| EscapingConventions.NormalizeHtml |
A directive that encodes any HTML special characters that can appear in RCDATA unescaped but
that can be escaped without changing semantics.
|
| EscapingConventions.NormalizeHtmlNospace |
A directive that encodes any HTML special characters and unquoted attribute terminators that
can appear in RCDATA unescaped but that can be escaped without changing semantics.
|
| EscapingConventions.NormalizeUri |
Implements the
|normalizeUri directive which allows arbitrary content to be included in
a URI regardless of the string delimiters of the the surrounding language. |
| FindCalleesNotInFileVisitor |
Visitor for finding the templates called in a file that are not defined in the file.
|
| GuiceSimpleScope |
Scopes a single execution of a block of code.
|
| MainEntryPointUtils |
Private shared utils for main entry point classes (e.g.
|
| ResolvedSignature |
A Soy function signature.
|
| Sanitizers |
Java implementations of functions that escape, normalize, and filter untrusted strings to allow
them to be safely embedded in particular contexts.
|
| SharedModule |
Guice module for shared classes.
|
| SharedRuntime |
Runtime implementation of common expression operators to be shared between the
jbcsrc and
Tofu backends. |
| StreamingEscaper |
A StreamingEscaper is a decorator for a
LoggingAdvisingAppendable that applies escaping
logic to untrusted content. |
| TagWhitelist |
Contains lower-case names of innocuous HTML elements.
|
| Enum | Description |
|---|---|
| BuiltinFunction |
Enum of built-in functions supported in Soy expressions.
|
| EscapingConventions.EscapingLanguage |
The list of potential languages which are used by the escapers.
|
| TagWhitelist.OptionalSafeTag |
Additional tags which can be white-listed as safe.
|
| Annotation Type | Description |
|---|---|
| ApiCallScope |
Guice scope for a Soy API method call.
|
© 2009 Google - Privacy Policy - Terms and Conditions - About Google