//
// filename: securityUtil.1.2.js
// author: cheng.tang@alibaba-inc.com
// date: 2009-03-27
// usage: security filter
//
// **** DO NOT change the code without security department's approval. ****
//
var securityUtil = (function() {
	var hD="0123456789ABCDEF";

	var d2h = function(d) {
		var h = hD.substr(d&15,1);

		while(d>15) {
			d>>=4;
			h=hD.substr(d&15,1)+h;
		}
		
		return h;
	};

	return {
		$version : "1.2",

		encodeHTML : function ($str) {
			if ($str == null || $str.length == 0)
			{
				return $str;
			}
			
			var $out = '';
			var $len = $str.length;
			
			for($cnt = 0; $cnt < $len; $cnt++)
			{
				var $c = $str.charCodeAt($cnt);
				if( ($c >= 97 && $c <= 122) ||
					($c >= 65 && $c <= 90 ) ||
					($c >= 48 && $c <= 57 ) ||
					$c == 32 || $c == 44 || $c == 46 )
				{
					$out += $str.charAt($cnt);
				}
				else
				{
					$out += '&#' + $c + ';';
				}
			}
			
			return $out;
		},

		encodeJS : function ($str)
		{
			if($str == null || $str.length == 0)
			{
				return $str;
			}
			
			$out = '';
			$len = $str.length;
			
			for($cnt = 0; $cnt < $len; $cnt++)
			{
				$c = $str.charCodeAt($cnt);
				if( ($c >= 97 && $c <= 122) ||
					($c >= 65 && $c <= 90 ) ||
					($c >= 48 && $c <= 57 ) ||
					$c == 32 || $c == 44 || $c == 46 )
				{
					$out += $str.charAt($cnt);
				}
				else if( $c <= 127 )
				{
					$hex = d2h($c);
					if( $hex.length < 2 )
					{
						'0' + $hex;
					}
					
					$out += '\\x' + $hex;
				}
				else
				{
					$hex = d2h($c);
					while( $hex.length < 4 )
					{
						$hex = '0' + $hex;
					}
					
					$out += '\\u' + $hex;
				}
			}
			
			return $out;
		},

		secureURI : function($uri) {
			$uriLC = $uri.toLowerCase();
		
			if ($uriLC.indexOf('http://') == 0 ||
				$uriLC.indexOf('https://') == 0 ||
				$uriLC.indexOf('/') == 0 ||
				$uriLC.indexOf('./') == 0) {
				return $uri;
			} else {
				return './' + $uri;
			}
		}
	};
})();