+ * Schemes that are safe w.r.t. XSS but that may trigger other problematic + * actions when presented in the context of a "regular" link are not + * whitelisted by default but can still be converted to SafeUrl by + * whitelisting them explicitly in the SafeUrl sanitization API. In other + * words, the caller has to indicate that they're expecting to process + * such custom schemes. + * iOS Webview does not ask for confirmation before invoking 'tel', so + * unintentional or out-of-context clicks could result in unintended calling + * charges. + *+ * + *
TEL = 0;
+ */
+ TEL(0),
+ /**
+ * SMS = 1;
+ */
+ SMS(1),
+ /**
+ * + * Similarly to 'tel' can result in unintended calling charges on iOS. + *+ * + *
CALLTO = 2;
+ */
+ CALLTO(2),
+ /**
+ * WTAI = 3;
+ */
+ WTAI(3),
+ /**
+ * + * Can start a media stream, potentially triggering an exploit for + * Stagefright. + *+ * + *
RTSP = 4;
+ */
+ RTSP(4),
+ /**
+ * + * Can open Play Store dialog with 'Install' button, though will not + * automatically install an app. + *+ * + *
MARKET = 5;
+ */
+ MARKET(5),
+ /**
+ * GEO = 6;
+ */
+ GEO(6),
+ /**
+ * SKYPE = 7;
+ */
+ SKYPE(7),
+ /**
+ * WHATSAPP = 8;
+ */
+ WHATSAPP(8),
+ /**
+ * + * Custom scheme for iBooks URIs. More background: b/32807272. + *+ * + *
ITMS_BOOKS = 9;
+ */
+ ITMS_BOOKS(9),
+ ;
+
+ /**
+ * + * Schemes that are safe w.r.t. XSS but that may trigger other problematic + * actions when presented in the context of a "regular" link are not + * whitelisted by default but can still be converted to SafeUrl by + * whitelisting them explicitly in the SafeUrl sanitization API. In other + * words, the caller has to indicate that they're expecting to process + * such custom schemes. + * iOS Webview does not ask for confirmation before invoking 'tel', so + * unintentional or out-of-context clicks could result in unintended calling + * charges. + *+ * + *
TEL = 0;
+ */
+ public static final int TEL_VALUE = 0;
+ /**
+ * SMS = 1;
+ */
+ public static final int SMS_VALUE = 1;
+ /**
+ * + * Similarly to 'tel' can result in unintended calling charges on iOS. + *+ * + *
CALLTO = 2;
+ */
+ public static final int CALLTO_VALUE = 2;
+ /**
+ * WTAI = 3;
+ */
+ public static final int WTAI_VALUE = 3;
+ /**
+ * + * Can start a media stream, potentially triggering an exploit for + * Stagefright. + *+ * + *
RTSP = 4;
+ */
+ public static final int RTSP_VALUE = 4;
+ /**
+ * + * Can open Play Store dialog with 'Install' button, though will not + * automatically install an app. + *+ * + *
MARKET = 5;
+ */
+ public static final int MARKET_VALUE = 5;
+ /**
+ * GEO = 6;
+ */
+ public static final int GEO_VALUE = 6;
+ /**
+ * SKYPE = 7;
+ */
+ public static final int SKYPE_VALUE = 7;
+ /**
+ * WHATSAPP = 8;
+ */
+ public static final int WHATSAPP_VALUE = 8;
+ /**
+ * + * Custom scheme for iBooks URIs. More background: b/32807272. + *+ * + *
ITMS_BOOKS = 9;
+ */
+ public static final int ITMS_BOOKS_VALUE = 9;
+
+
+ public final int getNumber() {
+ return value;
+ }
+
+ /**
+ * @deprecated Use {@link #forNumber(int)} instead.
+ */
+ @java.lang.Deprecated
+ public static CustomSafeUrlScheme valueOf(int value) {
+ return forNumber(value);
+ }
+
+ public static CustomSafeUrlScheme forNumber(int value) {
+ switch (value) {
+ case 0: return TEL;
+ case 1: return SMS;
+ case 2: return CALLTO;
+ case 3: return WTAI;
+ case 4: return RTSP;
+ case 5: return MARKET;
+ case 6: return GEO;
+ case 7: return SKYPE;
+ case 8: return WHATSAPP;
+ case 9: return ITMS_BOOKS;
+ default: return null;
+ }
+ }
+
+ public static com.google.protobuf.Internal.EnumLiteMapValues of this type are guaranteed to be safe to use in HTML contexts, such as, assignment to + * the innerHTML DOM property, or interpolation into a HTML template in HTML PC_DATA context, in + * the sense that the use will not result in a Cross-Site-Scripting vulnerability. + */ +@CheckReturnValue +@Immutable +@JsType +public final class SafeHtml { + + /** The SafeHtml wrapping an empty string. */ + public static final SafeHtml EMPTY = new SafeHtml(""); + + private final String privateDoNotAccessOrElseSafeHtmlWrappedValue; + + SafeHtml(String html) { + if (html == null) { + throw new NullPointerException(); + } + this.privateDoNotAccessOrElseSafeHtmlWrappedValue = html; + } + + @Override + public int hashCode() { + return privateDoNotAccessOrElseSafeHtmlWrappedValue.hashCode() ^ 0x33b02fa9; + } + + @Override + public boolean equals(Object other) { + if (!(other instanceof SafeHtml)) { + return false; + } + SafeHtml that = (SafeHtml) other; + return this.privateDoNotAccessOrElseSafeHtmlWrappedValue.equals( + that.privateDoNotAccessOrElseSafeHtmlWrappedValue); + } + + /** + * Returns a debug representation of this value's underlying string, NOT the string representation + * of the SafeHtml. + * + *
Having {@code toString()} return a debug representation is intentional. This type has + * a GWT-compiled JavaScript version; JavaScript has no static typing and a distinct method + * method name provides a modicum of type-safety. + * + * @see #getSafeHtmlString + */ + @Override + public String toString() { + return "SafeHtml{" + privateDoNotAccessOrElseSafeHtmlWrappedValue + "}"; + } + + /** + * Returns this value's underlying string. See class documentation for what guarantees exist on + * the returned string. + */ + // NOTE(mlourenco): jslayout depends on this exact method name when generating code, be careful if + // changing it. + public String getSafeHtmlString() { + return privateDoNotAccessOrElseSafeHtmlWrappedValue; + } +} diff --git a/third_party/safe_html_types/com/google/common/html/types/SafeHtmlBuilder.java b/third_party/safe_html_types/com/google/common/html/types/SafeHtmlBuilder.java new file mode 100644 index 00000000000..ea70d08ee90 --- /dev/null +++ b/third_party/safe_html_types/com/google/common/html/types/SafeHtmlBuilder.java @@ -0,0 +1,1079 @@ +// **** GENERATED CODE, DO NOT MODIFY **** +// This file was generated via preprocessing from input: +// java/com/google/common/html/types/SafeHtmlBuilder.java.tpl +// Please make changes to that file and run +// java/com/google/common/html/types/gen_srcs.sh +// to regenerate the .java files. +// *************************************** +/* + * Copyright 2016 Google Inc. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.google.common.html.types; + +import static com.google.common.html.types.BuilderUtils.coerceToInterchangeValid; +import static com.google.common.html.types.BuilderUtils.escapeHtmlInternal; + +import com.google.common.annotations.GwtCompatible; +import com.google.errorprone.annotations.CompileTimeConstant; +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashSet; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Locale; +import java.util.Map; +import java.util.Set; +import javax.annotation.CheckReturnValue; +import javax.annotation.Generated; +import javax.annotation.Nullable; +import javax.annotation.concurrent.NotThreadSafe; + +/** + * Builder for HTML elements which conform to the {@link SafeHtml} contract. Supports setting + * element name, individual attributes and content. + * + *
While this builder disallows some invalid HTML constructs (for example, void elements with
+ * content) it does not guarantee well-formed HTML (for example, attribute values are not strictly
+ * enforced if they pose no security risk). A large number of runtime failures are possible and it
+ * is therefore recommended to thoroughly unit test code using this builder.
+ */
+@Generated(value = "//java/com/google/common/html/types:gen_srcs.sh")
+@GwtCompatible
+@NotThreadSafe
+public final class SafeHtmlBuilder {
+ // Keep these regular expressions compatible across Java and JavaScript native implementations.
+ // They are uncompiled because we couldn't depend on java.util.regex.Pattern or
+ // com.google.gwt.regexp.shared.RegExp
+ private static final String VALID_ELEMENT_NAMES_REGEXP = "[a-z0-9-]+";
+ private static final String VALID_DATA_ATTRIBUTES_REGEXP = "data-[a-zA-Z-]+";
+
+ private static final Set If {@code elementName} is not a void element then the string representation of the builder
+ * is {@code {@code embed}, {@code object}, {@code script}, {@code style}, {@code template} are not
+ * supported because their content has special semantics, and they can result the execution of
+ * code not under application control. Some of these have dedicated creation methods.
+ *
+ * @throws IllegalArgumentException if {@code elementName} contains invalid characters or is not
+ * supported
+ * @see http://whatwg.org/html/syntax.html#void-elements
+ */
+ public SafeHtmlBuilder(@CompileTimeConstant final String elementName) {
+ if (elementName == null) {
+ throw new NullPointerException();
+ }
+ if (!elementName.matches(VALID_ELEMENT_NAMES_REGEXP)) {
+ throw new IllegalArgumentException(
+ "Invalid element name \""
+ + elementName
+ + "\". "
+ + "Only lowercase letters, numbers and '-' allowed.");
+ }
+ if (UNSUPPORTED_ELEMENTS.contains(elementName)) {
+ throw new IllegalArgumentException("Element \"" + elementName + "\" is not supported.");
+ }
+ this.elementName = elementName;
+ }
+
+ /**
+ * Causes the builder to use a slash on the tag of a void element, emitting e.g. {@code This setting has no effect for non-void elements.
+ *
+ * @see http://www.w3.org/TR/html5/syntax.html#start-tags
+ */
+ public SafeHtmlBuilder useSlashOnVoid() {
+ useSlashOnVoid = true;
+ return this;
+ }
+ /** These elements are whitelisted to use action with a SafeUrl value. */
+ private static final Set The attribute {@code action} with a {@code SafeUrl} value is allowed on these elements:
+ *
+ * The attribute {@code cite} with a {@code SafeUrl} value is allowed on these elements:
+ *
+ * The attribute {@code formaction} with a {@code SafeUrl} value is allowed on these elements:
+ *
+ * The attribute {@code formmethod} with a {@code String} value is allowed on these elements:
+ *
+ * The attribute {@code href} with a {@code SafeUrl} value is allowed on these elements:
+ *
+ * On {@code link} elements, {@code href} may only be set to a SafeUrl value if {@code rel} is
+ * one of the following values:
+ *
+ * The attribute {@code icon} with a {@code SafeUrl} value is allowed on these elements:
+ *
+ * The attribute {@code media} with a {@code String} value is allowed on these elements:
+ *
+ * The attribute {@code method} with a {@code String} value is allowed on these elements:
+ *
+ * The attribute {@code pattern} with a {@code String} value is allowed on these elements:
+ *
+ * The attribute {@code poster} with a {@code SafeUrl} value is allowed on these elements:
+ *
+ * If this is a {@code link}} element, and {@code href} has been set from a {@link SafeUrl},
+ * then {@code value} has to be an allowed value. See {@link #setHref(SafeHtml)}.
+ *
+ * @throws IllegalArgumentException if this is a {@code link} element and this value of {@code
+ * rel} is not allowed
+ */
+ public SafeHtmlBuilder setRel(String value) {
+ checkLinkDependentAttributes(value, hrefValueContract);
+ return setAttribute("rel", value);
+ }
+
+ /** Sets the {@code required} attribute for this element. */
+ public SafeHtmlBuilder setRequired(String value) {
+ return setAttribute("required", value);
+ }
+
+ /** Sets the {@code reversed} attribute for this element. */
+ public SafeHtmlBuilder setReversed(String value) {
+ return setAttribute("reversed", value);
+ }
+
+ /** Sets the {@code role} attribute for this element. */
+ public SafeHtmlBuilder setRole(String value) {
+ return setAttribute("role", value);
+ }
+
+ /** Sets the {@code rows} attribute for this element. */
+ public SafeHtmlBuilder setRows(String value) {
+ return setAttribute("rows", value);
+ }
+
+ /** Sets the {@code rowspan} attribute for this element. */
+ public SafeHtmlBuilder setRowspan(String value) {
+ return setAttribute("rowspan", value);
+ }
+
+ /** Sets the {@code selected} attribute for this element. */
+ public SafeHtmlBuilder setSelected(String value) {
+ return setAttribute("selected", value);
+ }
+
+ /** Sets the {@code shape} attribute for this element. */
+ public SafeHtmlBuilder setShape(String value) {
+ return setAttribute("shape", value);
+ }
+
+ /** Sets the {@code size} attribute for this element. */
+ public SafeHtmlBuilder setSize(String value) {
+ return setAttribute("size", value);
+ }
+
+ /** Sets the {@code sizes} attribute for this element. */
+ public SafeHtmlBuilder setSizes(String value) {
+ return setAttribute("sizes", value);
+ }
+
+ /** Sets the {@code span} attribute for this element. */
+ public SafeHtmlBuilder setSpan(String value) {
+ return setAttribute("span", value);
+ }
+
+ /** Sets the {@code spellcheck} attribute for this element. */
+ public SafeHtmlBuilder setSpellcheck(String value) {
+ return setAttribute("spellcheck", value);
+ }
+
+ /** These elements are whitelisted to use src with a SafeUrl value. */
+ private static final Set The attribute {@code src} with a {@code SafeUrl} value is allowed on these elements:
+ *
+ * The attribute {@code srcdoc} with a {@code SafeHtml} value is allowed on these elements:
+ *
+ * The attribute {@code type} with a {@code String} value is allowed on these elements:
+ *
+ * Protocol-message forms are intended to be opaque. The fields of the protocol message should
+ * be considered encapsulated and are not intended for direct inspection or manipulation. Protocol
+ * message forms of this type should be produced by {@link #toProto(SafeHtml)} or its
+ * equivalent in other implementation languages.
+ *
+ * Important: It is unsafe to invoke this method on a protocol message that has been
+ * received from an entity outside the application's trust domain. Data coming from the browser
+ * is outside the application's trust domain.
+ */
+ public static SafeHtml fromProto(SafeHtmlProto proto) {
+ return create(proto.getPrivateDoNotAccessOrElseSafeHtmlWrappedValue());
+ }
+
+ /**
+ * Wraps a SafeScript inside a <script type="text/javascript"> tag.
+ */
+ public static SafeHtml fromScript(SafeScript script) {
+ return create("");
+ }
+
+ /**
+ * Wraps a SafeScript inside a <script type="text/javascript"> tag.
+ * The tag has a nonce attribute populated from the provided CSP nonce value.
+ */
+ public static SafeHtml fromScriptWithCspNonce(SafeScript script, String cspNonce) {
+ return create("");
+ }
+
+ /**
+ * Creates a <script type="text/javascript" src="url"><script> where the
+ * {@code src} attribute points to the given {@code trustedResourceUrl}.
+ */
+ public static SafeHtml fromScriptUrl(TrustedResourceUrl trustedResourceUrl) {
+ String escapedUrl = htmlEscapeInternal(trustedResourceUrl.getTrustedResourceUrlString());
+ return create("");
+ }
+
+ /**
+ * Creates a <script defer type="text/javascript" src="url"><script> where the
+ * {@code src} attribute points to the given {@code trustedResourceUrl}.
+ */
+ public static SafeHtml fromScriptUrlDeferred(TrustedResourceUrl trustedResourceUrl) {
+ String escapedUrl = htmlEscapeInternal(trustedResourceUrl.getTrustedResourceUrlString());
+ return create("");
+ }
+
+ /**
+ * Creates a <script type="text/javascript" src="url"><script> where the
+ * {@code src} attribute points to the given {@code trustedResourceUrl}.
+ * The tag has a nonce attribute populated from the provided CSP nonce value.
+ */
+ public static SafeHtml fromScriptUrlWithCspNonce(TrustedResourceUrl trustedResourceUrl,
+ String cspNonce) {
+ String escapedUrl = htmlEscapeInternal(trustedResourceUrl.getTrustedResourceUrlString());
+ return create("");
+ }
+
+ /**
+ * Creates a <script defer type="text/javascript" src="url"><script> where the
+ * {@code src} attribute points to the given {@code trustedResourceUrl}.
+ * The tag has a nonce attribute populated from the provided CSP nonce value.
+ */
+ public static SafeHtml fromScriptUrlWithCspNonceDeferred(TrustedResourceUrl trustedResourceUrl,
+ String cspNonce) {
+ String escapedUrl = htmlEscapeInternal(trustedResourceUrl.getTrustedResourceUrlString());
+ return create("");
+ }
+
+ /**
+ * Wraps a SafeStyleSheet inside a <style type="text/css"> tag.
+ */
+ public static SafeHtml fromStyleSheet(SafeStyleSheet safeStyleSheet) {
+ Preconditions.checkArgument(!safeStyleSheet.getSafeStyleSheetString().contains("<"));
+ return create("");
+ }
+
+ /**
+ * Creates a <style type="text/css" src="url"><style> where the
+ * {@code src} attribute points to the given {@code trustedResourceUrl}.
+ */
+ public static SafeHtml fromStyleUrl(TrustedResourceUrl trustedResourceUrl) {
+ String escapedUrl = htmlEscapeInternal(trustedResourceUrl.getTrustedResourceUrlString());
+ return create("");
+ }
+
+ /**
+ * Serializes a SafeHtml into its opaque protocol message representation.
+ *
+ * Protocol message forms of this type are intended to be opaque. The fields of the returned
+ * protocol message should be considered encapsulated and are not intended for direct inspection
+ * or manipulation. Protocol messages can be converted back into a SafeHtml using
+ * {@link #fromProto(SafeHtmlProto)}.
+ */
+ public static SafeHtmlProto toProto(SafeHtml safeHtml) {
+ return SafeHtmlProto.newBuilder().setPrivateDoNotAccessOrElseSafeHtmlWrappedValue(
+ safeHtml.getSafeHtmlString()).build();
+ }
+
+ /**
+ * Converts, by HTML-escaping, an arbitrary string into a contract-compliant {@link SafeHtml}.
+ */
+ public static SafeHtml htmlEscape(String text) {
+ return create(htmlEscapeInternal(text));
+ }
+
+ /**
+ * Converts an arbitrary string into an HTML comment by HTML-escaping the contents and embedding
+ * the result between HTML comment markers.
+ *
+ * Escaping is needed because Internet Explorer supports conditional comments and so may render
+ * HTML markup within comments.
+ */
+ public static SafeHtml comment(String text) {
+ return create("");
+ }
+
+
+ /**
+ * Creates a new SafeHtml which contains, in order, the string representations of the given
+ * {@code htmls}.
+ */
+ public static SafeHtml concat(SafeHtml... htmls) {
+ return concat(Arrays.asList(htmls));
+ }
+
+ /**
+ * Creates a new SafeHtml which contains, in order, the string representations of the given
+ * {@code htmls}.
+ */
+ public static SafeHtml concat(Iterable Having {@code toString()} return a debug representation is intentional. This type has
+ * a GWT-compiled JavaScript version; JavaScript has no static typing and a distinct method
+ * method name provides a modicum of type-safety.
+ *
+ * @see #getSafeScriptString
+ */
+ @Override
+ public String toString() {
+ return "SafeScript{" + privateDoNotAccessOrElseSafeScriptWrappedValue + "}";
+ }
+
+ /**
+ * Returns this value's underlying string. See class documentation for what guarantees exist on
+ * the returned string.
+ */
+ public String getSafeScriptString() {
+ return privateDoNotAccessOrElseSafeScriptWrappedValue;
+ }
+}
diff --git a/third_party/safe_html_types/com/google/common/html/types/SafeScriptProto.java b/third_party/safe_html_types/com/google/common/html/types/SafeScriptProto.java
new file mode 100644
index 00000000000..b51c657fc52
--- /dev/null
+++ b/third_party/safe_html_types/com/google/common/html/types/SafeScriptProto.java
@@ -0,0 +1,604 @@
+// Generated by the protocol buffer compiler. DO NOT EDIT!
+// source: webutil/html/types/html.proto
+
+package com.google.common.html.types;
+
+/**
+ * This performs ZERO VALIDATION of the data. We assume that resources should be safe because
+ * they are part of the binary, and therefore not attacker controlled.
+ *
+ * @param contextClass Class relative to which to load the resource.
+ */
+ @GwtIncompatible("Resources")
+ public static SafeScript fromResource(
+ Class contextClass, @CompileTimeConstant final String resourceName, Charset charset)
+ throws IOException {
+ return create(Resources.toString(Resources.getResource(contextClass, resourceName), charset));
+ }
+
+ /**
+ * Deserializes a SafeScriptProto into a SafeScript instance.
+ *
+ * Protocol-message forms are intended to be opaque. The fields of the protocol message should
+ * be considered encapsulated and are not intended for direct inspection or manipulation. Protocol
+ * message forms of this type should be produced by {@link #toProto(SafeScript)} or its equivalent
+ * in other implementation languages.
+ *
+ * Important: It is unsafe to invoke this method on a protocol message that has been
+ * received from an entity outside the application's trust domain. Data coming from the browser
+ * is outside the application's trust domain.
+ */
+ public static SafeScript fromProto(SafeScriptProto proto) {
+ return create(proto.getPrivateDoNotAccessOrElseSafeScriptWrappedValue());
+ }
+
+ /**
+ * Serializes a SafeScript into its opaque protocol message representation.
+ *
+ * Protocol message forms of this type are intended to be opaque. The fields of the returned
+ * protocol message should be considered encapsulated and are not intended for direct inspection
+ * or manipulation. Protocol messages can be converted back into a SafeScript using
+ * {@link #fromProto(SafeScriptProto)}.
+ */
+ public static SafeScriptProto toProto(SafeScript script) {
+ return SafeScriptProto.newBuilder()
+ .setPrivateDoNotAccessOrElseSafeScriptWrappedValue(script.getSafeScriptString()).build();
+ }
+
+ static SafeScript create(String script) {
+ return new SafeScript(script);
+ }
+}
diff --git a/third_party/safe_html_types/com/google/common/html/types/SafeStyle.java b/third_party/safe_html_types/com/google/common/html/types/SafeStyle.java
new file mode 100644
index 00000000000..3a3571677e2
--- /dev/null
+++ b/third_party/safe_html_types/com/google/common/html/types/SafeStyle.java
@@ -0,0 +1,146 @@
+/*
+ * Copyright 2016 Google Inc. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.common.html.types;
+
+import javax.annotation.CheckReturnValue;
+import javax.annotation.concurrent.Immutable;
+import jsinterop.annotations.JsType;
+
+/**
+ * A string-like object which represents a sequence of CSS declarations
+ * ({@code propertyName1: propertyvalue1; propertyName2: propertyValue2; ...}) and that carries the
+ * security type contract that its value, as a string, will not cause untrusted script execution
+ * (XSS) when evaluated as CSS in a browser.
+ *
+ * A SafeStyle's string representation ({@link #getSafeStyleString()}) can safely be:
+ *
}
+ * instead of the default {@code
}. Slashes are required if rendering XHTML and optional in
+ * HTML 5.
+ *
+ *
+ *
+ *
+ * @throws IllegalArgumentException if the {@code action} attribute with a {@code SafeUrl} value
+ * is not allowed on this element
+ */
+ public SafeHtmlBuilder setAction(SafeUrl value) {
+ if (!ACTION_SAFE_URL_ELEMENT_WHITELIST.contains(elementName)) {
+ throw new IllegalArgumentException(
+ "Attribute \"action\" with a SafeUrl value can only be used "
+ + "by one of the following elements: "
+ + ACTION_SAFE_URL_ELEMENT_WHITELIST);
+ }
+ return setAttribute("action", value.getSafeUrlString());
+ }
+
+ /** Sets the {@code align} attribute for this element. */
+ public SafeHtmlBuilder setAlign(String value) {
+ return setAttribute("align", value);
+ }
+
+ /** Sets the {@code alt} attribute for this element. */
+ public SafeHtmlBuilder setAlt(String value) {
+ return setAttribute("alt", value);
+ }
+
+ /** Sets the {@code autocapitalize} attribute for this element. */
+ public SafeHtmlBuilder setAutocapitalize(String value) {
+ return setAttribute("autocapitalize", value);
+ }
+
+ /** Sets the {@code autocomplete} attribute for this element. */
+ public SafeHtmlBuilder setAutocomplete(String value) {
+ return setAttribute("autocomplete", value);
+ }
+
+ /** Sets the {@code autofocus} attribute for this element. */
+ public SafeHtmlBuilder setAutofocus(String value) {
+ return setAttribute("autofocus", value);
+ }
+
+ /** Sets the {@code bgcolor} attribute for this element. */
+ public SafeHtmlBuilder setBgcolor(String value) {
+ return setAttribute("bgcolor", value);
+ }
+
+ /** Sets the {@code border} attribute for this element. */
+ public SafeHtmlBuilder setBorder(String value) {
+ return setAttribute("border", value);
+ }
+
+ /** Sets the {@code checked} attribute for this element. */
+ public SafeHtmlBuilder setChecked(String value) {
+ return setAttribute("checked", value);
+ }
+
+ /** These elements are whitelisted to use cite with a SafeUrl value. */
+ private static final Set
+ *
+ *
+ * @throws IllegalArgumentException if the {@code cite} attribute with a {@code SafeUrl} value is
+ * not allowed on this element
+ */
+ public SafeHtmlBuilder setCite(SafeUrl value) {
+ if (!CITE_SAFE_URL_ELEMENT_WHITELIST.contains(elementName)) {
+ throw new IllegalArgumentException(
+ "Attribute \"cite\" with a SafeUrl value can only be used "
+ + "by one of the following elements: "
+ + CITE_SAFE_URL_ELEMENT_WHITELIST);
+ }
+ return setAttribute("cite", value.getSafeUrlString());
+ }
+
+ /** Sets the {@code class} attribute for this element. */
+ public SafeHtmlBuilder setClass(String value) {
+ return setAttribute("class", value);
+ }
+
+ /** Sets the {@code color} attribute for this element. */
+ public SafeHtmlBuilder setColor(String value) {
+ return setAttribute("color", value);
+ }
+
+ /** Sets the {@code cols} attribute for this element. */
+ public SafeHtmlBuilder setCols(String value) {
+ return setAttribute("cols", value);
+ }
+
+ /** Sets the {@code colspan} attribute for this element. */
+ public SafeHtmlBuilder setColspan(String value) {
+ return setAttribute("colspan", value);
+ }
+
+ /** Values that can be passed to {@link #setDir(DirValue)}. */
+ public enum DirValue {
+
+ /** Value of {@code auto}. */
+ AUTO("auto"),
+ /** Value of {@code ltr}. */
+ LTR("ltr"),
+ /** Value of {@code rtl}. */
+ RTL("rtl");
+
+ private final String value;
+
+ private DirValue(String value) {
+ this.value = value;
+ }
+
+ @Override
+ public String toString() {
+ return value;
+ }
+ }
+
+ /** Sets the {@code dir} attribute for this element. */
+ public SafeHtmlBuilder setDir(DirValue value) {
+ return setAttribute("dir", value.toString());
+ }
+
+ /** Sets the {@code disabled} attribute for this element. */
+ public SafeHtmlBuilder setDisabled(String value) {
+ return setAttribute("disabled", value);
+ }
+
+ /** Sets the {@code draggable} attribute for this element. */
+ public SafeHtmlBuilder setDraggable(String value) {
+ return setAttribute("draggable", value);
+ }
+
+ /** Sets the {@code face} attribute for this element. */
+ public SafeHtmlBuilder setFace(String value) {
+ return setAttribute("face", value);
+ }
+
+ /** Sets the {@code for} attribute for this element. */
+ public SafeHtmlBuilder setFor(@CompileTimeConstant final String value) {
+ return setAttribute("for", value);
+ }
+
+ /**
+ * Sets the {@code for} attribute for this element to a {@link CompileTimeConstant} {@code prefix}
+ * and a {@code value} joined by a hyphen.
+ *
+ * @throws IllegalArgumentException if {@code prefix} is an empty string
+ */
+ public SafeHtmlBuilder setForWithPrefix(@CompileTimeConstant final String prefix, String value) {
+ if (prefix.trim().length() == 0) {
+ throw new IllegalArgumentException("Prefix cannot be empty string");
+ }
+ return setAttribute("for", prefix + "-" + value);
+ }
+
+ /** These elements are whitelisted to use formaction with a SafeUrl value. */
+ private static final Set
+ *
+ *
+ * @throws IllegalArgumentException if the {@code formaction} attribute with a {@code SafeUrl}
+ * value is not allowed on this element
+ */
+ public SafeHtmlBuilder setFormaction(SafeUrl value) {
+ if (!FORMACTION_SAFE_URL_ELEMENT_WHITELIST.contains(elementName)) {
+ throw new IllegalArgumentException(
+ "Attribute \"formaction\" with a SafeUrl value can only be used "
+ + "by one of the following elements: "
+ + FORMACTION_SAFE_URL_ELEMENT_WHITELIST);
+ }
+ return setAttribute("formaction", value.getSafeUrlString());
+ }
+
+ /** These elements are whitelisted to use formmethod with a String value. */
+ private static final Set
+ *
+ *
+ * @throws IllegalArgumentException if the {@code formmethod} attribute with a {@code String}
+ * value is not allowed on this element
+ */
+ public SafeHtmlBuilder setFormmethod(String value) {
+ if (!FORMMETHOD_STRING_ELEMENT_WHITELIST.contains(elementName)) {
+ throw new IllegalArgumentException(
+ "Attribute \"formmethod\" with a String value can only be used "
+ + "by one of the following elements: "
+ + FORMMETHOD_STRING_ELEMENT_WHITELIST);
+ }
+ return setAttribute("formmethod", value);
+ }
+
+ /** Sets the {@code frameborder} attribute for this element. */
+ public SafeHtmlBuilder setFrameborder(String value) {
+ return setAttribute("frameborder", value);
+ }
+
+ /** Sets the {@code height} attribute for this element. */
+ public SafeHtmlBuilder setHeight(String value) {
+ return setAttribute("height", value);
+ }
+
+ /** Sets the {@code hidden} attribute for this element. */
+ public SafeHtmlBuilder setHidden(String value) {
+ return setAttribute("hidden", value);
+ }
+
+ /** These elements are whitelisted to use href with a SafeUrl value. */
+ private static final Set
+ *
+ *
+ *
+ *
+ *
+ * @throws IllegalArgumentException if the {@code href} attribute with a {@code SafeUrl} value is
+ * not allowed on this element
+ * @throws IllegalArgumentException if this a {@code link} element and the value of {@code rel}
+ * does not allow the SafeUrl contract on {@code href}
+ */
+ public SafeHtmlBuilder setHref(SafeUrl value) {
+ if (!HREF_SAFE_URL_ELEMENT_WHITELIST.contains(elementName) && !elementName.equals("link")) {
+ throw new IllegalArgumentException(
+ "Attribute \"href\" with a SafeUrl value can only be used "
+ + "by one of the following elements: "
+ + HREF_SAFE_URL_ELEMENT_WHITELIST);
+ }
+ if (elementName.equals("link")) {
+ checkLinkDependentAttributes(attributes.get("rel"), AttributeContract.SAFE_URL);
+ }
+ hrefValueContract = AttributeContract.SAFE_URL;
+ return setAttribute("href", value.getSafeUrlString());
+ }
+
+ /** Sets the {@code href} attribute for this element. */
+ public SafeHtmlBuilder setHref(TrustedResourceUrl value) {
+ hrefValueContract = AttributeContract.TRUSTED_RESOURCE_URL;
+ return setAttribute("href", value.getTrustedResourceUrlString());
+ }
+
+ /** These elements are whitelisted to use icon with a SafeUrl value. */
+ private static final Set
+ *
+ *
+ * @throws IllegalArgumentException if the {@code icon} attribute with a {@code SafeUrl} value is
+ * not allowed on this element
+ */
+ public SafeHtmlBuilder setIcon(SafeUrl value) {
+ if (!ICON_SAFE_URL_ELEMENT_WHITELIST.contains(elementName)) {
+ throw new IllegalArgumentException(
+ "Attribute \"icon\" with a SafeUrl value can only be used "
+ + "by one of the following elements: "
+ + ICON_SAFE_URL_ELEMENT_WHITELIST);
+ }
+ return setAttribute("icon", value.getSafeUrlString());
+ }
+
+ /** Sets the {@code id} attribute for this element. */
+ public SafeHtmlBuilder setId(@CompileTimeConstant final String value) {
+ return setAttribute("id", value);
+ }
+
+ /**
+ * Sets the {@code id} attribute for this element to a {@link CompileTimeConstant} {@code prefix}
+ * and a {@code value} joined by a hyphen.
+ *
+ * @throws IllegalArgumentException if {@code prefix} is an empty string
+ */
+ public SafeHtmlBuilder setIdWithPrefix(@CompileTimeConstant final String prefix, String value) {
+ if (prefix.trim().length() == 0) {
+ throw new IllegalArgumentException("Prefix cannot be empty string");
+ }
+ return setAttribute("id", prefix + "-" + value);
+ }
+
+ /** Sets the {@code ismap} attribute for this element. */
+ public SafeHtmlBuilder setIsmap(String value) {
+ return setAttribute("ismap", value);
+ }
+
+ /** Sets the {@code label} attribute for this element. */
+ public SafeHtmlBuilder setLabel(String value) {
+ return setAttribute("label", value);
+ }
+
+ /** Sets the {@code lang} attribute for this element. */
+ public SafeHtmlBuilder setLang(String value) {
+ return setAttribute("lang", value);
+ }
+
+ /** Sets the {@code list} attribute for this element. */
+ public SafeHtmlBuilder setList(@CompileTimeConstant final String value) {
+ return setAttribute("list", value);
+ }
+
+ /**
+ * Sets the {@code list} attribute for this element to a {@link CompileTimeConstant} {@code
+ * prefix} and a {@code value} joined by a hyphen.
+ *
+ * @throws IllegalArgumentException if {@code prefix} is an empty string
+ */
+ public SafeHtmlBuilder setListWithPrefix(@CompileTimeConstant final String prefix, String value) {
+ if (prefix.trim().length() == 0) {
+ throw new IllegalArgumentException("Prefix cannot be empty string");
+ }
+ return setAttribute("list", prefix + "-" + value);
+ }
+
+ /** Sets the {@code loop} attribute for this element. */
+ public SafeHtmlBuilder setLoop(String value) {
+ return setAttribute("loop", value);
+ }
+
+ /** Sets the {@code max} attribute for this element. */
+ public SafeHtmlBuilder setMax(String value) {
+ return setAttribute("max", value);
+ }
+
+ /** Sets the {@code maxlength} attribute for this element. */
+ public SafeHtmlBuilder setMaxlength(String value) {
+ return setAttribute("maxlength", value);
+ }
+
+ /** These elements are whitelisted to use media with a String value. */
+ private static final Set
+ *
+ *
+ * @throws IllegalArgumentException if the {@code media} attribute with a {@code String} value is
+ * not allowed on this element
+ */
+ public SafeHtmlBuilder setMedia(String value) {
+ if (!MEDIA_STRING_ELEMENT_WHITELIST.contains(elementName)) {
+ throw new IllegalArgumentException(
+ "Attribute \"media\" with a String value can only be used "
+ + "by one of the following elements: "
+ + MEDIA_STRING_ELEMENT_WHITELIST);
+ }
+ return setAttribute("media", value);
+ }
+
+ /** These elements are whitelisted to use method with a String value. */
+ private static final Set
+ *
+ *
+ * @throws IllegalArgumentException if the {@code method} attribute with a {@code String} value is
+ * not allowed on this element
+ */
+ public SafeHtmlBuilder setMethod(String value) {
+ if (!METHOD_STRING_ELEMENT_WHITELIST.contains(elementName)) {
+ throw new IllegalArgumentException(
+ "Attribute \"method\" with a String value can only be used "
+ + "by one of the following elements: "
+ + METHOD_STRING_ELEMENT_WHITELIST);
+ }
+ return setAttribute("method", value);
+ }
+
+ /** Sets the {@code min} attribute for this element. */
+ public SafeHtmlBuilder setMin(String value) {
+ return setAttribute("min", value);
+ }
+
+ /** Sets the {@code multiple} attribute for this element. */
+ public SafeHtmlBuilder setMultiple(String value) {
+ return setAttribute("multiple", value);
+ }
+
+ /** Sets the {@code muted} attribute for this element. */
+ public SafeHtmlBuilder setMuted(String value) {
+ return setAttribute("muted", value);
+ }
+
+ /** Sets the {@code name} attribute for this element. */
+ public SafeHtmlBuilder setName(@CompileTimeConstant final String value) {
+ return setAttribute("name", value);
+ }
+
+ /**
+ * Sets the {@code name} attribute for this element to a {@link CompileTimeConstant} {@code
+ * prefix} and a {@code value} joined by a hyphen.
+ *
+ * @throws IllegalArgumentException if {@code prefix} is an empty string
+ */
+ public SafeHtmlBuilder setNameWithPrefix(@CompileTimeConstant final String prefix, String value) {
+ if (prefix.trim().length() == 0) {
+ throw new IllegalArgumentException("Prefix cannot be empty string");
+ }
+ return setAttribute("name", prefix + "-" + value);
+ }
+
+ /** These elements are whitelisted to use pattern with a String value. */
+ private static final Set
+ *
+ *
+ * @throws IllegalArgumentException if the {@code pattern} attribute with a {@code String} value
+ * is not allowed on this element
+ */
+ public SafeHtmlBuilder setPattern(String value) {
+ if (!PATTERN_STRING_ELEMENT_WHITELIST.contains(elementName)) {
+ throw new IllegalArgumentException(
+ "Attribute \"pattern\" with a String value can only be used "
+ + "by one of the following elements: "
+ + PATTERN_STRING_ELEMENT_WHITELIST);
+ }
+ return setAttribute("pattern", value);
+ }
+
+ /** Sets the {@code placeholder} attribute for this element. */
+ public SafeHtmlBuilder setPlaceholder(String value) {
+ return setAttribute("placeholder", value);
+ }
+
+ /** These elements are whitelisted to use poster with a SafeUrl value. */
+ private static final Set
+ *
+ *
+ * @throws IllegalArgumentException if the {@code poster} attribute with a {@code SafeUrl} value
+ * is not allowed on this element
+ */
+ public SafeHtmlBuilder setPoster(SafeUrl value) {
+ if (!POSTER_SAFE_URL_ELEMENT_WHITELIST.contains(elementName)) {
+ throw new IllegalArgumentException(
+ "Attribute \"poster\" with a SafeUrl value can only be used "
+ + "by one of the following elements: "
+ + POSTER_SAFE_URL_ELEMENT_WHITELIST);
+ }
+ return setAttribute("poster", value.getSafeUrlString());
+ }
+
+ /** Sets the {@code preload} attribute for this element. */
+ public SafeHtmlBuilder setPreload(String value) {
+ return setAttribute("preload", value);
+ }
+
+ /**
+ * Sets the {@code rel} attribute for this element.
+ *
+ *
+ *
+ *
+ * @throws IllegalArgumentException if the {@code src} attribute with a {@code SafeUrl} value is
+ * not allowed on this element
+ */
+ public SafeHtmlBuilder setSrc(SafeUrl value) {
+ if (!SRC_SAFE_URL_ELEMENT_WHITELIST.contains(elementName)) {
+ throw new IllegalArgumentException(
+ "Attribute \"src\" with a SafeUrl value can only be used "
+ + "by one of the following elements: "
+ + SRC_SAFE_URL_ELEMENT_WHITELIST);
+ }
+ return setAttribute("src", value.getSafeUrlString());
+ }
+
+ /** Sets the {@code src} attribute for this element. */
+ public SafeHtmlBuilder setSrc(TrustedResourceUrl value) {
+ return setAttribute("src", value.getTrustedResourceUrlString());
+ }
+
+ /** These elements are whitelisted to use srcdoc with a SafeHtml value. */
+ private static final Set
+ *
+ *
+ * @throws IllegalArgumentException if the {@code srcdoc} attribute with a {@code SafeHtml} value
+ * is not allowed on this element
+ */
+ public SafeHtmlBuilder setSrcdoc(SafeHtml value) {
+ if (!SRCDOC_SAFE_HTML_ELEMENT_WHITELIST.contains(elementName)) {
+ throw new IllegalArgumentException(
+ "Attribute \"srcdoc\" with a SafeHtml value can only be used "
+ + "by one of the following elements: "
+ + SRCDOC_SAFE_HTML_ELEMENT_WHITELIST);
+ }
+ return setAttribute("srcdoc", value.getSafeHtmlString());
+ }
+
+ /** Sets the {@code start} attribute for this element. */
+ public SafeHtmlBuilder setStart(String value) {
+ return setAttribute("start", value);
+ }
+
+ /** Sets the {@code step} attribute for this element. */
+ public SafeHtmlBuilder setStep(String value) {
+ return setAttribute("step", value);
+ }
+
+ /** Sets the {@code style} attribute for this element. */
+ public SafeHtmlBuilder setStyle(SafeStyle value) {
+ return setAttribute("style", value.getSafeStyleString());
+ }
+
+ /** Sets the {@code summary} attribute for this element. */
+ public SafeHtmlBuilder setSummary(String value) {
+ return setAttribute("summary", value);
+ }
+
+ /** Sets the {@code tabindex} attribute for this element. */
+ public SafeHtmlBuilder setTabindex(String value) {
+ return setAttribute("tabindex", value);
+ }
+
+ /** Values that can be passed to {@link #setTarget(TargetValue)}. */
+ public enum TargetValue {
+
+ /** Value of {@code _blank}. */
+ BLANK("_blank"),
+ /** Value of {@code _self}. */
+ SELF("_self");
+
+ private final String value;
+
+ private TargetValue(String value) {
+ this.value = value;
+ }
+
+ @Override
+ public String toString() {
+ return value;
+ }
+ }
+
+ /** Sets the {@code target} attribute for this element. */
+ public SafeHtmlBuilder setTarget(TargetValue value) {
+ return setAttribute("target", value.toString());
+ }
+
+ /** Sets the {@code title} attribute for this element. */
+ public SafeHtmlBuilder setTitle(String value) {
+ return setAttribute("title", value);
+ }
+
+ /** Sets the {@code translate} attribute for this element. */
+ public SafeHtmlBuilder setTranslate(String value) {
+ return setAttribute("translate", value);
+ }
+
+ /** These elements are whitelisted to use type with a String value. */
+ private static final Set
+ *
+ *
+ * @throws IllegalArgumentException if the {@code type} attribute with a {@code String} value is
+ * not allowed on this element
+ */
+ public SafeHtmlBuilder setType(String value) {
+ if (!TYPE_STRING_ELEMENT_WHITELIST.contains(elementName)) {
+ throw new IllegalArgumentException(
+ "Attribute \"type\" with a String value can only be used "
+ + "by one of the following elements: "
+ + TYPE_STRING_ELEMENT_WHITELIST);
+ }
+ return setAttribute("type", value);
+ }
+
+ /** Sets the {@code valign} attribute for this element. */
+ public SafeHtmlBuilder setValign(String value) {
+ return setAttribute("valign", value);
+ }
+
+ /** Sets the {@code value} attribute for this element. */
+ public SafeHtmlBuilder setValue(String value) {
+ return setAttribute("value", value);
+ }
+
+ /** Sets the {@code width} attribute for this element. */
+ public SafeHtmlBuilder setWidth(String value) {
+ return setAttribute("width", value);
+ }
+
+ /** Sets the {@code wrap} attribute for this element. */
+ public SafeHtmlBuilder setWrap(String value) {
+ return setAttribute("wrap", value);
+ }
+
+ /**
+ * Sets a custom data attribute, {@code name}, to {@code value} for this element. {@code value}
+ * must consist only of letters and {@code -}.
+ *
+ * @param name including the "data-" prefix, e.g. "data-tooltip"
+ * @throws IllegalArgumentException if the attribute name isn't valid
+ * @see
+ * http://www.w3.org/TR/html5/dom.html#embedding-custom-non-visible-data-with-the-data-*-attributes
+ */
+ public SafeHtmlBuilder setDataAttribute(@CompileTimeConstant final String name, String value) {
+ if (!name.matches(VALID_DATA_ATTRIBUTES_REGEXP)) {
+ throw new IllegalArgumentException(
+ "Invalid data attribute name \""
+ + name
+ + "\"."
+ + "Name must start with \"data-\" and be followed by letters and '-'.");
+ }
+ return setAttribute(name, value);
+ }
+
+ /**
+ * Appends the given {@code htmls} as this element's content, in sequence.
+ *
+ * @throws IllegalStateException if this builder represents a void element
+ */
+ public SafeHtmlBuilder appendContent(SafeHtml... htmls) {
+ checkNotVoidElement();
+ Collections.addAll(contents, htmls);
+ return this;
+ }
+
+ /**
+ * Appends the given {@code htmls} as this element's content, in the sequence the Iterable returns
+ * them.
+ *
+ * @throws IllegalStateException if this builder represents a void element
+ */
+ public SafeHtmlBuilder appendContent(Iterable
+ * IMPORTANT: It is unsafe to accept this message from an untrusted source,
+ * since it's trivial for an attacker to forge serialized messages that
+ * don't fulfill the type's safety contract -- for example, it could contain
+ * attacker controlled script. A system which receives a SafeHtmlProto
+ * implicitly trusts the producer of the SafeHtmlProto. So, it's generally safe
+ * to return this message in RPC responses, but generally unsafe to accept it
+ * in RPC requests.
+ *
+ *
+ * Protobuf type {@code webutil.html.types.SafeHtmlProto}
+ */
+public final class SafeHtmlProto extends
+ com.google.protobuf.GeneratedMessageV3 implements
+ // @@protoc_insertion_point(message_implements:webutil.html.types.SafeHtmlProto)
+ SafeHtmlProtoOrBuilder {
+ // Use SafeHtmlProto.newBuilder() to construct.
+ private SafeHtmlProto(com.google.protobuf.GeneratedMessageV3.Builder builder) {
+ super(builder);
+ }
+ private SafeHtmlProto() {
+ privateDoNotAccessOrElseSafeHtmlWrappedValue_ = "";
+ }
+
+ @java.lang.Override
+ public final com.google.protobuf.UnknownFieldSet
+ getUnknownFields() {
+ return this.unknownFields;
+ }
+ private SafeHtmlProto(
+ com.google.protobuf.CodedInputStream input,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ this();
+ int mutable_bitField0_ = 0;
+ com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+ com.google.protobuf.UnknownFieldSet.newBuilder();
+ try {
+ boolean done = false;
+ while (!done) {
+ int tag = input.readTag();
+ switch (tag) {
+ case 0:
+ done = true;
+ break;
+ default: {
+ if (!parseUnknownField(input, unknownFields,
+ extensionRegistry, tag)) {
+ done = true;
+ }
+ break;
+ }
+ case 18: {
+ com.google.protobuf.ByteString bs = input.readBytes();
+ bitField0_ |= 0x00000001;
+ privateDoNotAccessOrElseSafeHtmlWrappedValue_ = bs;
+ break;
+ }
+ }
+ }
+ } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+ throw e.setUnfinishedMessage(this);
+ } catch (java.io.IOException e) {
+ throw new com.google.protobuf.InvalidProtocolBufferException(
+ e).setUnfinishedMessage(this);
+ } finally {
+ this.unknownFields = unknownFields.build();
+ }
+ }
+ public static final com.google.protobuf.Descriptors.Descriptor
+ getDescriptor() {
+ return com.google.common.html.types.Html.internal_static_webutil_html_types_SafeHtmlProto_descriptor;
+ }
+
+ protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+ internalGetFieldAccessorTable() {
+ return com.google.common.html.types.Html.internal_static_webutil_html_types_SafeHtmlProto_fieldAccessorTable
+ .ensureFieldAccessorsInitialized(
+ com.google.common.html.types.SafeHtmlProto.class, com.google.common.html.types.SafeHtmlProto.Builder.class);
+ }
+
+ private int bitField0_;
+ public static final int PRIVATE_DO_NOT_ACCESS_OR_ELSE_SAFE_HTML_WRAPPED_VALUE_FIELD_NUMBER = 2;
+ private volatile java.lang.Object privateDoNotAccessOrElseSafeHtmlWrappedValue_;
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_html_wrapped_value = 2 [ctype = CORD];
+ */
+ public boolean hasPrivateDoNotAccessOrElseSafeHtmlWrappedValue() {
+ return ((bitField0_ & 0x00000001) == 0x00000001);
+ }
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_html_wrapped_value = 2 [ctype = CORD];
+ */
+ public java.lang.String getPrivateDoNotAccessOrElseSafeHtmlWrappedValue() {
+ java.lang.Object ref = privateDoNotAccessOrElseSafeHtmlWrappedValue_;
+ if (ref instanceof java.lang.String) {
+ return (java.lang.String) ref;
+ } else {
+ com.google.protobuf.ByteString bs =
+ (com.google.protobuf.ByteString) ref;
+ java.lang.String s = bs.toStringUtf8();
+ if (bs.isValidUtf8()) {
+ privateDoNotAccessOrElseSafeHtmlWrappedValue_ = s;
+ }
+ return s;
+ }
+ }
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_html_wrapped_value = 2 [ctype = CORD];
+ */
+ public com.google.protobuf.ByteString
+ getPrivateDoNotAccessOrElseSafeHtmlWrappedValueBytes() {
+ java.lang.Object ref = privateDoNotAccessOrElseSafeHtmlWrappedValue_;
+ if (ref instanceof java.lang.String) {
+ com.google.protobuf.ByteString b =
+ com.google.protobuf.ByteString.copyFromUtf8(
+ (java.lang.String) ref);
+ privateDoNotAccessOrElseSafeHtmlWrappedValue_ = b;
+ return b;
+ } else {
+ return (com.google.protobuf.ByteString) ref;
+ }
+ }
+
+ private byte memoizedIsInitialized = -1;
+ public final boolean isInitialized() {
+ byte isInitialized = memoizedIsInitialized;
+ if (isInitialized == 1) return true;
+ if (isInitialized == 0) return false;
+
+ memoizedIsInitialized = 1;
+ return true;
+ }
+
+ public void writeTo(com.google.protobuf.CodedOutputStream output)
+ throws java.io.IOException {
+ if (((bitField0_ & 0x00000001) == 0x00000001)) {
+ com.google.protobuf.GeneratedMessageV3.writeString(output, 2, privateDoNotAccessOrElseSafeHtmlWrappedValue_);
+ }
+ unknownFields.writeTo(output);
+ }
+
+ public int getSerializedSize() {
+ int size = memoizedSize;
+ if (size != -1) return size;
+
+ size = 0;
+ if (((bitField0_ & 0x00000001) == 0x00000001)) {
+ size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, privateDoNotAccessOrElseSafeHtmlWrappedValue_);
+ }
+ size += unknownFields.getSerializedSize();
+ memoizedSize = size;
+ return size;
+ }
+
+ private static final long serialVersionUID = 0L;
+ @java.lang.Override
+ public boolean equals(final java.lang.Object obj) {
+ if (obj == this) {
+ return true;
+ }
+ if (!(obj instanceof com.google.common.html.types.SafeHtmlProto)) {
+ return super.equals(obj);
+ }
+ com.google.common.html.types.SafeHtmlProto other = (com.google.common.html.types.SafeHtmlProto) obj;
+
+ boolean result = true;
+ result = result && (hasPrivateDoNotAccessOrElseSafeHtmlWrappedValue() == other.hasPrivateDoNotAccessOrElseSafeHtmlWrappedValue());
+ if (hasPrivateDoNotAccessOrElseSafeHtmlWrappedValue()) {
+ result = result && getPrivateDoNotAccessOrElseSafeHtmlWrappedValue()
+ .equals(other.getPrivateDoNotAccessOrElseSafeHtmlWrappedValue());
+ }
+ result = result && unknownFields.equals(other.unknownFields);
+ return result;
+ }
+
+ @java.lang.Override
+ public int hashCode() {
+ if (memoizedHashCode != 0) {
+ return memoizedHashCode;
+ }
+ int hash = 41;
+ hash = (19 * hash) + getDescriptor().hashCode();
+ if (hasPrivateDoNotAccessOrElseSafeHtmlWrappedValue()) {
+ hash = (37 * hash) + PRIVATE_DO_NOT_ACCESS_OR_ELSE_SAFE_HTML_WRAPPED_VALUE_FIELD_NUMBER;
+ hash = (53 * hash) + getPrivateDoNotAccessOrElseSafeHtmlWrappedValue().hashCode();
+ }
+ hash = (29 * hash) + unknownFields.hashCode();
+ memoizedHashCode = hash;
+ return hash;
+ }
+
+ public static com.google.common.html.types.SafeHtmlProto parseFrom(
+ java.nio.ByteBuffer data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+ public static com.google.common.html.types.SafeHtmlProto parseFrom(
+ java.nio.ByteBuffer data,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+ public static com.google.common.html.types.SafeHtmlProto parseFrom(
+ com.google.protobuf.ByteString data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+ public static com.google.common.html.types.SafeHtmlProto parseFrom(
+ com.google.protobuf.ByteString data,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+ public static com.google.common.html.types.SafeHtmlProto parseFrom(byte[] data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+ public static com.google.common.html.types.SafeHtmlProto parseFrom(
+ byte[] data,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+ public static com.google.common.html.types.SafeHtmlProto parseFrom(java.io.InputStream input)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3
+ .parseWithIOException(PARSER, input);
+ }
+ public static com.google.common.html.types.SafeHtmlProto parseFrom(
+ java.io.InputStream input,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3
+ .parseWithIOException(PARSER, input, extensionRegistry);
+ }
+ public static com.google.common.html.types.SafeHtmlProto parseDelimitedFrom(java.io.InputStream input)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3
+ .parseDelimitedWithIOException(PARSER, input);
+ }
+ public static com.google.common.html.types.SafeHtmlProto parseDelimitedFrom(
+ java.io.InputStream input,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3
+ .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+ }
+ public static com.google.common.html.types.SafeHtmlProto parseFrom(
+ com.google.protobuf.CodedInputStream input)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3
+ .parseWithIOException(PARSER, input);
+ }
+ public static com.google.common.html.types.SafeHtmlProto parseFrom(
+ com.google.protobuf.CodedInputStream input,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3
+ .parseWithIOException(PARSER, input, extensionRegistry);
+ }
+
+ public Builder newBuilderForType() { return newBuilder(); }
+ public static Builder newBuilder() {
+ return DEFAULT_INSTANCE.toBuilder();
+ }
+ public static Builder newBuilder(com.google.common.html.types.SafeHtmlProto prototype) {
+ return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+ }
+ public Builder toBuilder() {
+ return this == DEFAULT_INSTANCE
+ ? new Builder() : new Builder().mergeFrom(this);
+ }
+
+ @java.lang.Override
+ protected Builder newBuilderForType(
+ com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+ Builder builder = new Builder(parent);
+ return builder;
+ }
+ /**
+ *
+ * IMPORTANT: It is unsafe to accept this message from an untrusted source,
+ * since it's trivial for an attacker to forge serialized messages that
+ * don't fulfill the type's safety contract -- for example, it could contain
+ * attacker controlled script. A system which receives a SafeHtmlProto
+ * implicitly trusts the producer of the SafeHtmlProto. So, it's generally safe
+ * to return this message in RPC responses, but generally unsafe to accept it
+ * in RPC requests.
+ *
+ *
+ * Protobuf type {@code webutil.html.types.SafeHtmlProto}
+ */
+ public static final class Builder extends
+ com.google.protobuf.GeneratedMessageV3.Builder
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_html_wrapped_value = 2 [ctype = CORD];
+ */
+ public boolean hasPrivateDoNotAccessOrElseSafeHtmlWrappedValue() {
+ return ((bitField0_ & 0x00000001) == 0x00000001);
+ }
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_html_wrapped_value = 2 [ctype = CORD];
+ */
+ public java.lang.String getPrivateDoNotAccessOrElseSafeHtmlWrappedValue() {
+ java.lang.Object ref = privateDoNotAccessOrElseSafeHtmlWrappedValue_;
+ if (!(ref instanceof java.lang.String)) {
+ com.google.protobuf.ByteString bs =
+ (com.google.protobuf.ByteString) ref;
+ java.lang.String s = bs.toStringUtf8();
+ if (bs.isValidUtf8()) {
+ privateDoNotAccessOrElseSafeHtmlWrappedValue_ = s;
+ }
+ return s;
+ } else {
+ return (java.lang.String) ref;
+ }
+ }
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_html_wrapped_value = 2 [ctype = CORD];
+ */
+ public com.google.protobuf.ByteString
+ getPrivateDoNotAccessOrElseSafeHtmlWrappedValueBytes() {
+ java.lang.Object ref = privateDoNotAccessOrElseSafeHtmlWrappedValue_;
+ if (ref instanceof String) {
+ com.google.protobuf.ByteString b =
+ com.google.protobuf.ByteString.copyFromUtf8(
+ (java.lang.String) ref);
+ privateDoNotAccessOrElseSafeHtmlWrappedValue_ = b;
+ return b;
+ } else {
+ return (com.google.protobuf.ByteString) ref;
+ }
+ }
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_html_wrapped_value = 2 [ctype = CORD];
+ */
+ public Builder setPrivateDoNotAccessOrElseSafeHtmlWrappedValue(
+ java.lang.String value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ bitField0_ |= 0x00000001;
+ privateDoNotAccessOrElseSafeHtmlWrappedValue_ = value;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_html_wrapped_value = 2 [ctype = CORD];
+ */
+ public Builder clearPrivateDoNotAccessOrElseSafeHtmlWrappedValue() {
+ bitField0_ = (bitField0_ & ~0x00000001);
+ privateDoNotAccessOrElseSafeHtmlWrappedValue_ = getDefaultInstance().getPrivateDoNotAccessOrElseSafeHtmlWrappedValue();
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_html_wrapped_value = 2 [ctype = CORD];
+ */
+ public Builder setPrivateDoNotAccessOrElseSafeHtmlWrappedValueBytes(
+ com.google.protobuf.ByteString value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ bitField0_ |= 0x00000001;
+ privateDoNotAccessOrElseSafeHtmlWrappedValue_ = value;
+ onChanged();
+ return this;
+ }
+ public final Builder setUnknownFields(
+ final com.google.protobuf.UnknownFieldSet unknownFields) {
+ return super.setUnknownFields(unknownFields);
+ }
+
+ public final Builder mergeUnknownFields(
+ final com.google.protobuf.UnknownFieldSet unknownFields) {
+ return super.mergeUnknownFields(unknownFields);
+ }
+
+
+ // @@protoc_insertion_point(builder_scope:webutil.html.types.SafeHtmlProto)
+ }
+
+ // @@protoc_insertion_point(class_scope:webutil.html.types.SafeHtmlProto)
+ private static final com.google.common.html.types.SafeHtmlProto DEFAULT_INSTANCE;
+ static {
+ DEFAULT_INSTANCE = new com.google.common.html.types.SafeHtmlProto();
+ }
+
+ public static com.google.common.html.types.SafeHtmlProto getDefaultInstance() {
+ return DEFAULT_INSTANCE;
+ }
+
+ @java.lang.Deprecated public static final com.google.protobuf.Parser
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_html_wrapped_value = 2 [ctype = CORD];
+ */
+ boolean hasPrivateDoNotAccessOrElseSafeHtmlWrappedValue();
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_html_wrapped_value = 2 [ctype = CORD];
+ */
+ java.lang.String getPrivateDoNotAccessOrElseSafeHtmlWrappedValue();
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_html_wrapped_value = 2 [ctype = CORD];
+ */
+ com.google.protobuf.ByteString
+ getPrivateDoNotAccessOrElseSafeHtmlWrappedValueBytes();
+}
diff --git a/third_party/safe_html_types/com/google/common/html/types/SafeHtmls.java b/third_party/safe_html_types/com/google/common/html/types/SafeHtmls.java
new file mode 100644
index 00000000000..a746a4e72f4
--- /dev/null
+++ b/third_party/safe_html_types/com/google/common/html/types/SafeHtmls.java
@@ -0,0 +1,198 @@
+// **** GENERATED CODE, DO NOT MODIFY ****
+// This file was generated via preprocessing from input:
+// java/com/google/common/html/types/SafeHtmls.java.tpl
+// ***************************************
+/*
+ * Copyright 2016 Google Inc. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.common.html.types;
+
+import static com.google.common.html.types.BuilderUtils.coerceToInterchangeValid;
+import static com.google.common.html.types.BuilderUtils.escapeHtmlInternal;
+
+import com.google.common.annotations.GwtCompatible;
+import com.google.common.base.Preconditions;
+import java.util.Arrays;
+import javax.annotation.CheckReturnValue;
+
+/**
+ * Protocol conversions, builders and factory methods for {@link SafeHtml}.
+ */
+@CheckReturnValue
+@GwtCompatible
+public final class SafeHtmls {
+
+ /**
+ * Deserializes a SafeHtmlProto into a SafeHtml instance.
+ *
+ *
+ * Message containing JavaScript code that is safe to use as the content of an
+ * HTML script element.
+ *
+ *
+ * Protobuf type {@code webutil.html.types.SafeScriptProto}
+ */
+public final class SafeScriptProto extends
+ com.google.protobuf.GeneratedMessageV3 implements
+ // @@protoc_insertion_point(message_implements:webutil.html.types.SafeScriptProto)
+ SafeScriptProtoOrBuilder {
+ // Use SafeScriptProto.newBuilder() to construct.
+ private SafeScriptProto(com.google.protobuf.GeneratedMessageV3.Builder builder) {
+ super(builder);
+ }
+ private SafeScriptProto() {
+ privateDoNotAccessOrElseSafeScriptWrappedValue_ = "";
+ }
+
+ @java.lang.Override
+ public final com.google.protobuf.UnknownFieldSet
+ getUnknownFields() {
+ return this.unknownFields;
+ }
+ private SafeScriptProto(
+ com.google.protobuf.CodedInputStream input,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ this();
+ int mutable_bitField0_ = 0;
+ com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+ com.google.protobuf.UnknownFieldSet.newBuilder();
+ try {
+ boolean done = false;
+ while (!done) {
+ int tag = input.readTag();
+ switch (tag) {
+ case 0:
+ done = true;
+ break;
+ default: {
+ if (!parseUnknownField(input, unknownFields,
+ extensionRegistry, tag)) {
+ done = true;
+ }
+ break;
+ }
+ case 50: {
+ com.google.protobuf.ByteString bs = input.readBytes();
+ bitField0_ |= 0x00000001;
+ privateDoNotAccessOrElseSafeScriptWrappedValue_ = bs;
+ break;
+ }
+ }
+ }
+ } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+ throw e.setUnfinishedMessage(this);
+ } catch (java.io.IOException e) {
+ throw new com.google.protobuf.InvalidProtocolBufferException(
+ e).setUnfinishedMessage(this);
+ } finally {
+ this.unknownFields = unknownFields.build();
+ }
+ }
+ public static final com.google.protobuf.Descriptors.Descriptor
+ getDescriptor() {
+ return com.google.common.html.types.Html.internal_static_webutil_html_types_SafeScriptProto_descriptor;
+ }
+
+ protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+ internalGetFieldAccessorTable() {
+ return com.google.common.html.types.Html.internal_static_webutil_html_types_SafeScriptProto_fieldAccessorTable
+ .ensureFieldAccessorsInitialized(
+ com.google.common.html.types.SafeScriptProto.class, com.google.common.html.types.SafeScriptProto.Builder.class);
+ }
+
+ private int bitField0_;
+ public static final int PRIVATE_DO_NOT_ACCESS_OR_ELSE_SAFE_SCRIPT_WRAPPED_VALUE_FIELD_NUMBER = 6;
+ private volatile java.lang.Object privateDoNotAccessOrElseSafeScriptWrappedValue_;
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_script_wrapped_value = 6 [ctype = CORD];
+ */
+ public boolean hasPrivateDoNotAccessOrElseSafeScriptWrappedValue() {
+ return ((bitField0_ & 0x00000001) == 0x00000001);
+ }
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_script_wrapped_value = 6 [ctype = CORD];
+ */
+ public java.lang.String getPrivateDoNotAccessOrElseSafeScriptWrappedValue() {
+ java.lang.Object ref = privateDoNotAccessOrElseSafeScriptWrappedValue_;
+ if (ref instanceof java.lang.String) {
+ return (java.lang.String) ref;
+ } else {
+ com.google.protobuf.ByteString bs =
+ (com.google.protobuf.ByteString) ref;
+ java.lang.String s = bs.toStringUtf8();
+ if (bs.isValidUtf8()) {
+ privateDoNotAccessOrElseSafeScriptWrappedValue_ = s;
+ }
+ return s;
+ }
+ }
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_script_wrapped_value = 6 [ctype = CORD];
+ */
+ public com.google.protobuf.ByteString
+ getPrivateDoNotAccessOrElseSafeScriptWrappedValueBytes() {
+ java.lang.Object ref = privateDoNotAccessOrElseSafeScriptWrappedValue_;
+ if (ref instanceof java.lang.String) {
+ com.google.protobuf.ByteString b =
+ com.google.protobuf.ByteString.copyFromUtf8(
+ (java.lang.String) ref);
+ privateDoNotAccessOrElseSafeScriptWrappedValue_ = b;
+ return b;
+ } else {
+ return (com.google.protobuf.ByteString) ref;
+ }
+ }
+
+ private byte memoizedIsInitialized = -1;
+ public final boolean isInitialized() {
+ byte isInitialized = memoizedIsInitialized;
+ if (isInitialized == 1) return true;
+ if (isInitialized == 0) return false;
+
+ memoizedIsInitialized = 1;
+ return true;
+ }
+
+ public void writeTo(com.google.protobuf.CodedOutputStream output)
+ throws java.io.IOException {
+ if (((bitField0_ & 0x00000001) == 0x00000001)) {
+ com.google.protobuf.GeneratedMessageV3.writeString(output, 6, privateDoNotAccessOrElseSafeScriptWrappedValue_);
+ }
+ unknownFields.writeTo(output);
+ }
+
+ public int getSerializedSize() {
+ int size = memoizedSize;
+ if (size != -1) return size;
+
+ size = 0;
+ if (((bitField0_ & 0x00000001) == 0x00000001)) {
+ size += com.google.protobuf.GeneratedMessageV3.computeStringSize(6, privateDoNotAccessOrElseSafeScriptWrappedValue_);
+ }
+ size += unknownFields.getSerializedSize();
+ memoizedSize = size;
+ return size;
+ }
+
+ private static final long serialVersionUID = 0L;
+ @java.lang.Override
+ public boolean equals(final java.lang.Object obj) {
+ if (obj == this) {
+ return true;
+ }
+ if (!(obj instanceof com.google.common.html.types.SafeScriptProto)) {
+ return super.equals(obj);
+ }
+ com.google.common.html.types.SafeScriptProto other = (com.google.common.html.types.SafeScriptProto) obj;
+
+ boolean result = true;
+ result = result && (hasPrivateDoNotAccessOrElseSafeScriptWrappedValue() == other.hasPrivateDoNotAccessOrElseSafeScriptWrappedValue());
+ if (hasPrivateDoNotAccessOrElseSafeScriptWrappedValue()) {
+ result = result && getPrivateDoNotAccessOrElseSafeScriptWrappedValue()
+ .equals(other.getPrivateDoNotAccessOrElseSafeScriptWrappedValue());
+ }
+ result = result && unknownFields.equals(other.unknownFields);
+ return result;
+ }
+
+ @java.lang.Override
+ public int hashCode() {
+ if (memoizedHashCode != 0) {
+ return memoizedHashCode;
+ }
+ int hash = 41;
+ hash = (19 * hash) + getDescriptor().hashCode();
+ if (hasPrivateDoNotAccessOrElseSafeScriptWrappedValue()) {
+ hash = (37 * hash) + PRIVATE_DO_NOT_ACCESS_OR_ELSE_SAFE_SCRIPT_WRAPPED_VALUE_FIELD_NUMBER;
+ hash = (53 * hash) + getPrivateDoNotAccessOrElseSafeScriptWrappedValue().hashCode();
+ }
+ hash = (29 * hash) + unknownFields.hashCode();
+ memoizedHashCode = hash;
+ return hash;
+ }
+
+ public static com.google.common.html.types.SafeScriptProto parseFrom(
+ java.nio.ByteBuffer data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+ public static com.google.common.html.types.SafeScriptProto parseFrom(
+ java.nio.ByteBuffer data,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+ public static com.google.common.html.types.SafeScriptProto parseFrom(
+ com.google.protobuf.ByteString data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+ public static com.google.common.html.types.SafeScriptProto parseFrom(
+ com.google.protobuf.ByteString data,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+ public static com.google.common.html.types.SafeScriptProto parseFrom(byte[] data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+ public static com.google.common.html.types.SafeScriptProto parseFrom(
+ byte[] data,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+ public static com.google.common.html.types.SafeScriptProto parseFrom(java.io.InputStream input)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3
+ .parseWithIOException(PARSER, input);
+ }
+ public static com.google.common.html.types.SafeScriptProto parseFrom(
+ java.io.InputStream input,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3
+ .parseWithIOException(PARSER, input, extensionRegistry);
+ }
+ public static com.google.common.html.types.SafeScriptProto parseDelimitedFrom(java.io.InputStream input)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3
+ .parseDelimitedWithIOException(PARSER, input);
+ }
+ public static com.google.common.html.types.SafeScriptProto parseDelimitedFrom(
+ java.io.InputStream input,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3
+ .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+ }
+ public static com.google.common.html.types.SafeScriptProto parseFrom(
+ com.google.protobuf.CodedInputStream input)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3
+ .parseWithIOException(PARSER, input);
+ }
+ public static com.google.common.html.types.SafeScriptProto parseFrom(
+ com.google.protobuf.CodedInputStream input,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3
+ .parseWithIOException(PARSER, input, extensionRegistry);
+ }
+
+ public Builder newBuilderForType() { return newBuilder(); }
+ public static Builder newBuilder() {
+ return DEFAULT_INSTANCE.toBuilder();
+ }
+ public static Builder newBuilder(com.google.common.html.types.SafeScriptProto prototype) {
+ return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+ }
+ public Builder toBuilder() {
+ return this == DEFAULT_INSTANCE
+ ? new Builder() : new Builder().mergeFrom(this);
+ }
+
+ @java.lang.Override
+ protected Builder newBuilderForType(
+ com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+ Builder builder = new Builder(parent);
+ return builder;
+ }
+ /**
+ *
+ * Message containing JavaScript code that is safe to use as the content of an
+ * HTML script element.
+ *
+ *
+ * Protobuf type {@code webutil.html.types.SafeScriptProto}
+ */
+ public static final class Builder extends
+ com.google.protobuf.GeneratedMessageV3.Builder
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_script_wrapped_value = 6 [ctype = CORD];
+ */
+ public boolean hasPrivateDoNotAccessOrElseSafeScriptWrappedValue() {
+ return ((bitField0_ & 0x00000001) == 0x00000001);
+ }
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_script_wrapped_value = 6 [ctype = CORD];
+ */
+ public java.lang.String getPrivateDoNotAccessOrElseSafeScriptWrappedValue() {
+ java.lang.Object ref = privateDoNotAccessOrElseSafeScriptWrappedValue_;
+ if (!(ref instanceof java.lang.String)) {
+ com.google.protobuf.ByteString bs =
+ (com.google.protobuf.ByteString) ref;
+ java.lang.String s = bs.toStringUtf8();
+ if (bs.isValidUtf8()) {
+ privateDoNotAccessOrElseSafeScriptWrappedValue_ = s;
+ }
+ return s;
+ } else {
+ return (java.lang.String) ref;
+ }
+ }
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_script_wrapped_value = 6 [ctype = CORD];
+ */
+ public com.google.protobuf.ByteString
+ getPrivateDoNotAccessOrElseSafeScriptWrappedValueBytes() {
+ java.lang.Object ref = privateDoNotAccessOrElseSafeScriptWrappedValue_;
+ if (ref instanceof String) {
+ com.google.protobuf.ByteString b =
+ com.google.protobuf.ByteString.copyFromUtf8(
+ (java.lang.String) ref);
+ privateDoNotAccessOrElseSafeScriptWrappedValue_ = b;
+ return b;
+ } else {
+ return (com.google.protobuf.ByteString) ref;
+ }
+ }
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_script_wrapped_value = 6 [ctype = CORD];
+ */
+ public Builder setPrivateDoNotAccessOrElseSafeScriptWrappedValue(
+ java.lang.String value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ bitField0_ |= 0x00000001;
+ privateDoNotAccessOrElseSafeScriptWrappedValue_ = value;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_script_wrapped_value = 6 [ctype = CORD];
+ */
+ public Builder clearPrivateDoNotAccessOrElseSafeScriptWrappedValue() {
+ bitField0_ = (bitField0_ & ~0x00000001);
+ privateDoNotAccessOrElseSafeScriptWrappedValue_ = getDefaultInstance().getPrivateDoNotAccessOrElseSafeScriptWrappedValue();
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_script_wrapped_value = 6 [ctype = CORD];
+ */
+ public Builder setPrivateDoNotAccessOrElseSafeScriptWrappedValueBytes(
+ com.google.protobuf.ByteString value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ bitField0_ |= 0x00000001;
+ privateDoNotAccessOrElseSafeScriptWrappedValue_ = value;
+ onChanged();
+ return this;
+ }
+ public final Builder setUnknownFields(
+ final com.google.protobuf.UnknownFieldSet unknownFields) {
+ return super.setUnknownFields(unknownFields);
+ }
+
+ public final Builder mergeUnknownFields(
+ final com.google.protobuf.UnknownFieldSet unknownFields) {
+ return super.mergeUnknownFields(unknownFields);
+ }
+
+
+ // @@protoc_insertion_point(builder_scope:webutil.html.types.SafeScriptProto)
+ }
+
+ // @@protoc_insertion_point(class_scope:webutil.html.types.SafeScriptProto)
+ private static final com.google.common.html.types.SafeScriptProto DEFAULT_INSTANCE;
+ static {
+ DEFAULT_INSTANCE = new com.google.common.html.types.SafeScriptProto();
+ }
+
+ public static com.google.common.html.types.SafeScriptProto getDefaultInstance() {
+ return DEFAULT_INSTANCE;
+ }
+
+ @java.lang.Deprecated public static final com.google.protobuf.Parser
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_script_wrapped_value = 6 [ctype = CORD];
+ */
+ boolean hasPrivateDoNotAccessOrElseSafeScriptWrappedValue();
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_script_wrapped_value = 6 [ctype = CORD];
+ */
+ java.lang.String getPrivateDoNotAccessOrElseSafeScriptWrappedValue();
+ /**
+ *
+ * IMPORTANT: Never set or read this field, even from tests, it is private.
+ * See documentation at the top of .proto file for programming language
+ * packages with which to create or read this message.
+ *
+ *
+ * optional string private_do_not_access_or_else_safe_script_wrapped_value = 6 [ctype = CORD];
+ */
+ com.google.protobuf.ByteString
+ getPrivateDoNotAccessOrElseSafeScriptWrappedValueBytes();
+}
diff --git a/third_party/safe_html_types/com/google/common/html/types/SafeScripts.java b/third_party/safe_html_types/com/google/common/html/types/SafeScripts.java
new file mode 100644
index 00000000000..a1a22d6dac2
--- /dev/null
+++ b/third_party/safe_html_types/com/google/common/html/types/SafeScripts.java
@@ -0,0 +1,99 @@
+// **** GENERATED CODE, DO NOT MODIFY ****
+// This file was generated via preprocessing from input:
+// java/com/google/common/html/types/SafeScripts.java.tpl
+// ***************************************
+/*
+ * Copyright 2016 Google Inc. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.common.html.types;
+
+import com.google.common.annotations.GwtCompatible;
+import com.google.common.annotations.GwtIncompatible;
+import com.google.common.io.Resources;
+import com.google.errorprone.annotations.CompileTimeConstant;
+import java.io.IOException;
+import java.nio.charset.Charset;
+import javax.annotation.CheckReturnValue;
+
+
+/**
+ * Protocol conversions and factory methods for {@link SafeScript}.
+ */
+@CheckReturnValue
+@GwtCompatible(emulated = true)
+public final class SafeScripts {
+
+ private SafeScripts() {}
+
+ /**
+ * Creates a SafeScript from the given compile-time constant string {@code script}.
+ */
+ public static SafeScript fromConstant(@CompileTimeConstant final String script) {
+ if (script.length() == 0) {
+ return SafeScript.EMPTY;
+ }
+ return create(script);
+ }
+
+ /**
+ * Creates a SafeScript from the given compile-time constant {@code resourceName} using the given
+ * {@code charset}.
+ *
+ *
+ *