NAME

Rose::HTML::Util - Utility functions for manipulating HTML.

SYNOPSIS

use Rose::HTML::Util qw(:all);

$esc = escape_html($str);
$str = unescape_html($esc);

$esc = escape_uri($str);
$str = unescape_uri($esc);

$comp = escape_uri_component($str);

$esc = encode_entities($str);

DESCRIPTION

Rose::HTML::Util provides aliases and wrappers for common HTML manipulation functions. When running in a mod_perl 1.x web server environment, Apache's C-based functions are used in some cases.

This all may seem silly, but I like to be able to pull these functions from a single location and get the fastest possible versions.

EXPORTS

Rose::HTML::Util does not export any function names by default.

The 'all' tag:

use Rose::HTML::Util qw(:all);

will cause the following function names to be imported:

escape_html()
unescape_html()
escape_uri()
escape_uri_component()
encode_entities()

FUNCTIONS

escape_html STRING [, UNSAFE]

This method passes its arguments to HTML::Entities::encode_entities(). If the list of unsafe characters is omitted, it defaults to <>&"

unescape_html STRING

When running under mod_perl 1.x, this is an alias for Apache::Util::unescape_html(). Otherwise, it's an alias for HTML::Entities::decode().

escape_uri STRING

This is a wrapper for URI::Escape::uri_escape() that is intended to escape entire URIs. Example:

$str = 'http://foo.com/bar?baz=1%&blay=foo bar'
$esc = escape_uri($str);

print $esc; # http://foo.com/bar?baz=1%25&blay=foo%20bar

In other words, it tries to escape all characters that need to be escaped in a URI except those characters that are legitimately part of the URI: forward slashes, the question mark before the query, etc.

The current implementation escapes all characters except those in this set:

A-Za-z0-9\-_.,'!~*#?&()/?@:[]=

Note that the URI-escaped string is not HTML-escaped. In order make a URI safe to include in an HTML page, call escape_html() as well:

$h = '<a href="' . escape_html(escape_uri($str)) . '">foo</a>';
escape_uri_component STRING

When running under mod_perl 1.x, this is an alias for Apache::Util::escape_uri(). Otherwise, it's an alias for URI::Escape::uri_escape().

encode_entities STRING [, UNSAFE]

This method passes its arguments to HTML::Entities::encode_entities(). If the list of unsafe characters is omitted, it defaults to <>&"

AUTHOR

John C. Siracusa (siracusa@gmail.com)

COPYRIGHT

Copyright (c) 2008 by John C. Siracusa. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.