/** * Creates a <script defer type="text/javascript" src="<i>url</i>"><script> where the * {@code src} attribute points to the given {@code trustedResourceUrl}. * The tag has a nonce attribute populated from the provided CSP nonce value. */ public static SafeHtml fromScriptUrlWithCspNonceDeferred(TrustedResourceUrl trustedResourceUrl, String cspNonce) { String escapedUrl = htmlEscapeInternal(trustedResourceUrl.getTrustedResourceUrlString()); return create("<script defer type=\"text/javascript\" nonce=\"" + htmlEscapeInternal(cspNonce) + "\" src=\"" + escapedUrl + "\"></script>"); }
/** * Creates a <script type="text/javascript" src="<i>url</i>"><script> where the * {@code src} attribute points to the given {@code trustedResourceUrl}. * The tag has a nonce attribute populated from the provided CSP nonce value. */ public static SafeHtml fromScriptUrlWithCspNonce(TrustedResourceUrl trustedResourceUrl, String cspNonce) { String escapedUrl = htmlEscapeInternal(trustedResourceUrl.getTrustedResourceUrlString()); return create("<script type=\"text/javascript\" nonce=\"" + htmlEscapeInternal(cspNonce) + "\" src=\"" + escapedUrl + "\"></script>"); }
/** * Converts an arbitrary string into an HTML comment by HTML-escaping the contents and embedding * the result between HTML comment markers. * * <p>Escaping is needed because Internet Explorer supports conditional comments and so may render * HTML markup within comments. */ public static SafeHtml comment(String text) { return create("<!--" + htmlEscapeInternal(text) + "-->"); }
/** * Converts, by HTML-escaping, an arbitrary string into a contract-compliant {@link SafeHtml}. */ public static SafeHtml htmlEscape(String text) { return create(htmlEscapeInternal(text)); }
/** * Creates a <style type="text/css" src="<i>url</i>"><style> where the * {@code src} attribute points to the given {@code trustedResourceUrl}. */ public static SafeHtml fromStyleUrl(TrustedResourceUrl trustedResourceUrl) { String escapedUrl = htmlEscapeInternal(trustedResourceUrl.getTrustedResourceUrlString()); return create("<style type=\"text/css\" src=\"" + escapedUrl + "\"></style>"); }
/** * Creates a <script defer type="text/javascript" src="<i>url</i>"><script> where the * {@code src} attribute points to the given {@code trustedResourceUrl}. */ public static SafeHtml fromScriptUrlDeferred(TrustedResourceUrl trustedResourceUrl) { String escapedUrl = htmlEscapeInternal(trustedResourceUrl.getTrustedResourceUrlString()); return create("<script defer type=\"text/javascript\" src=\"" + escapedUrl + "\"></script>"); }
/** * Wraps a SafeScript inside a <script type="text/javascript"> tag. * The tag has a nonce attribute populated from the provided CSP nonce value. */ public static SafeHtml fromScriptWithCspNonce(SafeScript script, String cspNonce) { return create("<script type=\"text/javascript\" nonce=\"" + htmlEscapeInternal(cspNonce) + "\">" + script.getSafeScriptString() + "</script>"); }
/** * Creates a <script type="text/javascript" src="<i>url</i>"><script> where the * {@code src} attribute points to the given {@code trustedResourceUrl}. */ public static SafeHtml fromScriptUrl(TrustedResourceUrl trustedResourceUrl) { String escapedUrl = htmlEscapeInternal(trustedResourceUrl.getTrustedResourceUrlString()); return create("<script type=\"text/javascript\" src=\"" + escapedUrl + "\"></script>"); }