escape_utils¶ ↑

Being as though we’re all html escaping everything these days, why not make it faster?

At the moment escape_utils supports escaping and unescaping of HTML, and Javascript but I wanna add URL encoding soon.

For character encoding in 1.9, we’ll return strings in whatever Encoding.default_internal is set to or utf-8 otherwise.

It has monkey-patches for Rack::Utils, CGI, ERB::Util and Haml and ActionView so you can drop this in and have your app start escaping fast as balls in no time

Installing¶ ↑

gem install escape_utils

Usage¶ ↑

HTML¶ ↑

Escaping¶ ↑

html = `curl -s http://maps.google.com`
escaped_html = EscapeUtils.escape_html(html)

Unescaping¶ ↑

html = `curl -s http://maps.google.com`
escaped_html = EscapeUtils.escape_html(html)
html = EscapeUtils.unescape_html(escaped_html)

Monkey Patches¶ ↑

require 'escape_utils/html/rack' # to patch Rack::Utils
require 'escape_utils/html/erb' # to patch ERB::Util
require 'escape_utils/html/cgi' # to patch CGI
require 'escape_utils/html/haml' # to patch Haml::Helpers

Javascript¶ ↑

Escaping¶ ↑

javascript = `curl -s http://code.jquery.com/jquery-1.4.2.js`
escaped_javascript = EscapeUtils.escape_javascript(javascript)

Monkey Patches¶ ↑

require 'escape_utils/javascript/action_view' # to patch ActionView::Helpers::JavaScriptHelper

Benchmarks¶ ↑

In my testing, escaping html is around 10-20x faster than the pure ruby implementations in wide use today. While unescaping html is around 40-70x faster than CGI.unescapeHTML - also pure ruby. Escaping Javascript is around 16-30x faster.

This output is from my laptop using the benchmark scripts in the benchmarks folder.

HTML¶ ↑

Escaping¶ ↑

Rack::Utils.escape_html
 0.560000   0.040000   0.600000 (  0.589475)
ERB::Util.html_escape
 0.450000   0.040000   0.490000 (  0.492893)
CGI.escapeHTML
 0.460000   0.030000   0.490000 (  0.490171)
Haml::Helpers.html_escape
 0.430000   0.010000   0.440000 (  0.444694)
EscapeUtils.escape_html
 0.040000   0.010000   0.050000 (  0.046350)

Unescaping¶ ↑

CGI.unescapeHTML
 1.140000   0.010000   1.150000 (  1.148470)
EscapeUtils.unescape_html
 0.020000   0.010000   0.030000 (  0.017914)

Javascript¶ ↑

Escaping¶ ↑

ActionView::Helpers::JavaScriptHelper#escape_javascript
 2.000000   0.020000   2.020000 (  2.023047)
EscapeUtils.escape_javascript
 0.090000   0.010000   0.100000 (  0.100854)

Unescaping¶ ↑

I didn’t look that hard, but I’m not aware of another ruby library that does Javascript unescaping to benchmark against. Anyone know of any?

yury / escape_utils Goto Github PK

escape_utils's Introduction

escape_utils¶ ↑

Installing¶ ↑

Usage¶ ↑

HTML¶ ↑

Escaping¶ ↑

Unescaping¶ ↑

Monkey Patches¶ ↑

Javascript¶ ↑

Escaping¶ ↑

Monkey Patches¶ ↑

Benchmarks¶ ↑

HTML¶ ↑

Escaping¶ ↑

Unescaping¶ ↑

Javascript¶ ↑

Escaping¶ ↑

Unescaping¶ ↑

escape_utils's People

Contributors

Stargazers

Watchers

Recommend Projects

Recommend Topics

Recommend Org