Remove EscapeAll mode

EscapeAll tries to escape all non-ASCII characters. Unfortunately, HTML5
numeric entities can't represent most codepoints between U+0080 and
U+009F. The only way to handle those is to use XML entity rules, but
this is an HTML5 entity library.

Also change ' to &rust-lang#39;. It turns out ' isn't part of HTML
until HTML5, so using &rust-lang#39; is more compatible with pre-HTML5 parsers.

Author: lilyball

src/libhtml/escape.rs

@@ -13,7 +13,7 @@
 //! This module contains `Writer`s for escaping/unescaping HTML.
 
 use std::io::{Writer, IoResult};
-use std::{char, str};
+use std::char;
 use entity::ENTITIES;
 
 /// A `Writer` adaptor that escapes any HTML characters written to it.
@@ -32,9 +32,7 @@ pub enum EscapeMode {
     /// Escapes characters for double-quoted attribute values. Escapes `&"`.
     EscapeAttr,
     /// Escapes characters for single-quoted attribute values. Escapes `&'`.
-    EscapeSingleQuoteAttr,
-    /// Escapes all non-printable or non-ASCII characters, with the exception of U+0000.
-    EscapeAll
+    EscapeSingleQuoteAttr
 }
 
 impl<W: Writer> EscapeWriter<W> {
@@ -64,63 +62,24 @@ impl<W: Writer> EscapeWriter<W> {
 
 impl<W: Writer> Writer for EscapeWriter<W> {
     fn write(&mut self, bytes: &[u8]) -> IoResult<()> {
-        if self.mode == EscapeAll {
-            // This mode needs to operate on chars. Everything else is handled below.
-            let s = str::from_utf8_lossy(bytes);
-            let s = s.as_slice();
-            let mut last = 0u;
-            for (i, c) in s.char_indices() {
-                match c {
-                    '&'|'<'|'>'|'"'|'\'' => (),
-                    '\0' | '\x20'..'\x7E' => continue,
-                    _ => ()
-                }
-                if last < i {
-                    try!(self.inner.write_str(s.slice(last, i)));
-                }
-                match c {
-                    '&'|'<'|'>'|'"'|'\'' => {
-                        let ent = match c {
-                            '&' => "&amp;",
-                            '<' => "&lt;",
-                            '>' => "&gt;",
-                            '"' => "&quot;",
-                            '\'' => "&apos;",
-                            _ => unreachable!()
-                        };
-                        try!(self.inner.write_str(ent));
-                    }
-                    _ => {
-                        let c = c as u32;
-                        try!(write!(&mut self.inner as &mut ::std::io::Writer, r"&\#x{:x};", c));
-                    }
-                }
-                last = i + char::len_utf8_bytes(c);
-            }
-            if last < s.as_slice().len() {
-                try!(self.inner.write_str(s.slice_from(last)));
-            }
-        } else {
-            // We only want to escape ASCII values, so we can safely operate on bytes
-            let mut last = 0;
-            for (i, b) in bytes.iter().enumerate() {
-                let ent = match (self.mode, *b as char) {
-                    (_,'&') => "&amp;",
-                    (EscapeDefault,'<') |(EscapeText,'<')             => "&lt;",
-                    (EscapeDefault,'>') |(EscapeText,'>')             => "&gt;",
-                    (EscapeDefault,'\'')|(EscapeSingleQuoteAttr,'\'') => "&apos;",
-                    (EscapeDefault,'"') |(EscapeAttr,'"')             => "&quot;",
-                    _ => continue
-                };
-                if last < i {
-                    try!(self.inner.write(bytes.slice(last, i)));
-                }
-                try!(self.inner.write_str(ent));
-                last = i + 1;
-            }
-            if last < bytes.len() {
-                try!(self.inner.write(bytes.slice_from(last)));
+        let mut last = 0;
+        for (i, b) in bytes.iter().enumerate() {
+            let ent = match (self.mode, *b as char) {
+                (_,'&') => "&amp;",
+                (EscapeDefault,'<') |(EscapeText,'<')             => "&lt;",
+                (EscapeDefault,'>') |(EscapeText,'>')             => "&gt;",
+                (EscapeDefault,'\'')|(EscapeSingleQuoteAttr,'\'') => "&#39;",
+                (EscapeDefault,'"') |(EscapeAttr,'"')             => "&quot;",
+                _ => continue
+            };
+            if last < i {
+                try!(self.inner.write(bytes.slice(last, i)));
             }
+            try!(self.inner.write_str(ent));
+            last = i + 1;
+        }
+        if last < bytes.len() {
+            try!(self.inner.write(bytes.slice_from(last)));
         }
         Ok(())
     }

src/libhtml/tests.rs

@@ -35,7 +35,7 @@ impl fmt::Show for UnTest {
 fn test_escape() {
     let s = r#"<script src="evil.domain?foo&" type='baz'>"#;
     assert_eq!(escape(s).as_slice(), "&lt;script src=&quot;evil.domain?foo&amp;&quot; \
-                                        type=&apos;baz&apos;&gt;");
+                                        type=&#39;baz&#39;&gt;");
 
     let t = Test("foo".to_strbuf());
     assert_eq!(escape(t), "&lt;Test&gt;foo&lt;/Test&gt;".to_owned());
@@ -71,9 +71,9 @@ mod python {
 
     #[test]
     fn test_escape() {
-        // python converts ' to &#x27; but we go to &apos;
+        // python converts ' to &#x27; but we go to &#39;
         assert_eq!(escape(r#"'<script>"&foo;"</script>'"#).as_slice(),
-                   "&apos;&lt;script&gt;&quot;&amp;foo;&quot;&lt;/script&gt;&apos;");
+                   "&#39;&lt;script&gt;&quot;&amp;foo;&quot;&lt;/script&gt;&#39;");
         let mut w = EscapeWriter::new(MemWriter::new(), EscapeText);
         assert!(w.write_str(r#"'<script>"&foo;"</script>'"#).is_ok());
         assert_eq!(w.unwrap().unwrap().as_slice(),