| 76 | | urlRegex = /^((?:http|https|ftp|news):\/\/)?(.*)$/, |
| 77 | | selectableTargets = /^(_(?:self|top|parent|blank))$/; |
| | 76 | urlRegex = /^(?!javascript)((?:http|https|ftp|news):\/\/)?(.*)$/, |
| | 77 | selectableTargets = /^(_(?:self|top|parent|blank))$/, |
| | 78 | encodedEmailLinkRegex = /^javascript:void\(location\.href='mailto:'\+String\.fromCharCode\(([^)]+)\)(?:\+'(.*)')?\)$/, |
| | 79 | functionCallProtectedEmailLinkRegex = /^javascript:([^(]+)\(([^)]+)\)$/; |
| | 99 | // urlRegex matches empty strings, so need to check for href as well. |
| | 100 | else if ( href && ( urlMatch = href.match( urlRegex ) ) ) |
| | 101 | { |
| | 102 | retval.type = 'url'; |
| | 103 | retval.url = {}; |
| | 104 | retval.url.protocol = urlMatch[1]; |
| | 105 | retval.url.url = urlMatch[2]; |
| | 106 | } |
| | 107 | // Protected email link as encoded string. |
| | 108 | else if ( !emailProtection || emailProtection == 'encode' ) |
| | 109 | { |
| | 110 | if( emailProtection == 'encode' ) |
| | 111 | { |
| | 112 | href = href.replace( encodedEmailLinkRegex, |
| | 113 | function ( match, protectedAddress, rest ) |
| | 114 | { |
| | 115 | return 'mailto:' + |
| | 116 | String.fromCharCode.apply( String, protectedAddress.split( ',' ) ) + |
| | 117 | ( rest && unescapeSingleQuote( rest ) ); |
| | 118 | } ); |
| | 119 | } |
| 98 | | // Load the link type and URL. |
| 99 | | if ( emailMatch ) |
| 100 | | { |
| 101 | | var subjectMatch = href.match( emailSubjectRegex ), |
| 102 | | bodyMatch = href.match( emailBodyRegex ); |
| 103 | | retval.type = 'email'; |
| 104 | | retval.email = {}; |
| 105 | | retval.email.address = emailMatch[1]; |
| 106 | | subjectMatch && ( retval.email.subject = decodeURIComponent( subjectMatch[1] ) ); |
| 107 | | bodyMatch && ( retval.email.body = decodeURIComponent( bodyMatch[1] ) ); |
| 108 | | } |
| 109 | | else if ( anchorMatch ) |
| 110 | | { |
| 111 | | retval.type = 'anchor'; |
| 112 | | retval.anchor = {}; |
| 113 | | retval.anchor.name = retval.anchor.id = anchorMatch[1]; |
| | 121 | emailMatch = href.match( emailRegex ); |
| | 122 | |
| | 123 | if( emailMatch ) |
| | 124 | { |
| | 125 | var subjectMatch = href.match( emailSubjectRegex ), |
| | 126 | bodyMatch = href.match( emailBodyRegex ); |
| | 127 | |
| | 128 | retval.type = 'email'; |
| | 129 | var email = ( retval.email = {} ); |
| | 130 | email.address = emailMatch[ 1 ]; |
| | 131 | subjectMatch && ( email.subject = decodeURIComponent( subjectMatch[ 1 ] ) ); |
| | 132 | bodyMatch && ( email.body = decodeURIComponent( bodyMatch[ 1 ] ) ); |
| | 133 | } |
| 117 | | retval.type = 'url'; |
| 118 | | retval.url = {}; |
| 119 | | retval.url.protocol = urlMatch[1]; |
| 120 | | retval.url.url = urlMatch[2]; |
| 121 | | } |
| | 138 | href.replace( functionCallProtectedEmailLinkRegex, function( match, funcName, funcArgs ) |
| | 139 | { |
| | 140 | if( funcName == compiledProtectionFunction.name ) |
| | 141 | { |
| | 142 | retval.type = 'email'; |
| | 143 | var email = retval.email = {}; |
| | 144 | |
| | 145 | var paramRegex = /[^,\s]+/g, |
| | 146 | paramQuoteRegex = /(^')|('$)/g, |
| | 147 | paramsMatch = funcArgs.match( paramRegex ), |
| | 148 | paramsMatchLength = paramsMatch.length, |
| | 149 | paramName, |
| | 150 | paramVal; |
| | 151 | |
| | 152 | for ( var i = 0; i < paramsMatchLength; i++ ) |
| | 153 | { |
| | 154 | paramVal = decodeURIComponent( unescapeSingleQuote( paramsMatch[ i ].replace( paramQuoteRegex, '' ) ) ); |
| | 155 | paramName = compiledProtectionFunction.params[ i ].toLowerCase(); |
| | 156 | email[ paramName ] = paramVal; |
| | 157 | } |
| | 158 | email.address = [ email.name, email.domain ].join( '@' ); |
| | 159 | } |
| | 160 | } ); |
| | 161 | } |
| | 288 | function unescapeSingleQuote( str ) |
| | 289 | { |
| | 290 | return str.replace( /\\'/g, '\'' ); |
| | 291 | } |
| | 292 | |
| | 293 | function escapeSingleQuote( str ) |
| | 294 | { |
| | 295 | return str.replace( /'/g, '\\$&' ); |
| | 296 | } |
| | 297 | |
| | 298 | var emailProtection = editor.config.emailProtection || ''; |
| | 299 | |
| | 300 | // Compile the protection function pattern. |
| | 301 | if( emailProtection && emailProtection != 'encode' ) |
| | 302 | { |
| | 303 | var compiledProtectionFunction = {}; |
| | 304 | |
| | 305 | emailProtection.replace( /^([^(]+)\(([^)]+)\)$/, function( match, funcName, params ) |
| | 306 | { |
| | 307 | compiledProtectionFunction.name = funcName; |
| | 308 | compiledProtectionFunction.params = []; |
| | 309 | params.replace( /[^,\s]+/g, function( param ) |
| | 310 | { |
| | 311 | compiledProtectionFunction.params.push( param ); |
| | 312 | } ); |
| | 313 | } ); |
| | 314 | } |
| | 315 | |
| | 316 | function protectEmailLinkAsFunction( email ) |
| | 317 | { |
| | 318 | var retval, |
| | 319 | name = compiledProtectionFunction.name, |
| | 320 | params = compiledProtectionFunction.params, |
| | 321 | paramName, |
| | 322 | paramValue; |
| | 323 | |
| | 324 | retval = [ name, '(' ]; |
| | 325 | for ( var i = 0; i < params.length; i++ ) |
| | 326 | { |
| | 327 | paramName = params[ i ].toLowerCase(); |
| | 328 | paramValue = email[ paramName ]; |
| | 329 | |
| | 330 | i > 0 && retval.push( ',' ); |
| | 331 | retval.push( '\'', |
| | 332 | paramValue ? |
| | 333 | escapeSingleQuote( encodeURIComponent( email[ paramName ] ) ) |
| | 334 | : '', |
| | 335 | '\''); |
| | 336 | } |
| | 337 | retval.push( ')' ); |
| | 338 | return retval.join( '' ); |
| | 339 | } |
| | 340 | |
| | 341 | function protectEmailAddressAsEncodedString( address ) |
| | 342 | { |
| | 343 | var charCode, |
| | 344 | length = address.length, |
| | 345 | encodedChars = []; |
| | 346 | for ( var i = 0; i < length; i++ ) |
| | 347 | { |
| | 348 | charCode = address.charCodeAt( i ); |
| | 349 | encodedChars.push( charCode ); |
| | 350 | } |
| | 351 | return 'String.fromCharCode(' + encodedChars.join( ',' ) + ')'; |
| | 352 | } |
| | 353 | |
| 1068 | | var argList = []; |
| 1069 | | linkList.push( '?' ); |
| 1070 | | subject && argList.push( 'subject=' + subject ); |
| 1071 | | body && argList.push( 'body=' + body ); |
| 1072 | | linkList.push( argList.join( '&' ) ); |
| 1073 | | } |
| 1074 | | attributes._cke_saved_href = linkList.join( '' ); |
| 1075 | | break; |
| 1076 | | default: |
| 1077 | | } |
| | 1176 | case '' : |
| | 1177 | case 'encode' : |
| | 1178 | { |
| | 1179 | var subject = encodeURIComponent( email.subject || '' ), |
| | 1180 | body = encodeURIComponent( email.body || '' ); |
| | 1181 | |
| | 1182 | // Build the e-mail parameters first. |
| | 1183 | var argList = []; |
| | 1184 | subject && argList.push( 'subject=' + subject ); |
| | 1185 | body && argList.push( 'body=' + body ); |
| | 1186 | argList = argList.length ? '?' + argList.join( '&' ) : ''; |
| | 1187 | |
| | 1188 | if ( emailProtection == 'encode' ) |
| | 1189 | { |
| | 1190 | linkHref = [ 'javascript:void(location.href=\'mailto:\'+', |
| | 1191 | protectEmailAddressAsEncodedString( address ) ]; |
| | 1192 | // parameters are optional. |
| | 1193 | argList && linkHref.push( '+\'', escapeSingleQuote( argList ), '\'' ); |
| | 1194 | |
| | 1195 | linkHref.push( ')' ); |
| | 1196 | } |
| | 1197 | else |
| | 1198 | linkHref = [ 'mailto:', address, argList ]; |
| | 1199 | |
| | 1200 | break; |
| | 1201 | } |
| | 1202 | default : |
| | 1203 | { |
| | 1204 | // Separating name and domain. |
| | 1205 | var nameAndDomain = address.split( '@', 2 ); |
| | 1206 | email.name = nameAndDomain[ 0 ]; |
| | 1207 | email.domain = nameAndDomain[ 1 ]; |
| | 1208 | |
| | 1209 | linkHref = [ 'javascript:', protectEmailLinkAsFunction( email ) ]; |
| | 1210 | } |
| | 1211 | } |
| 1221 | | } ); |
| | 1359 | } ) |
| | 1360 | |
| | 1361 | /** |
| | 1362 | * The e-mail address anti-spam protection option. |
| | 1363 | * @name CKEDITOR.config.emailProtection |
| | 1364 | * @type {String} |
| | 1365 | * Two forms of protection could be choosed from : |
| | 1366 | * 1. The whole address parts ( name, domain with any other query string ) are assembled into a |
| | 1367 | * function call pattern which invoke you own provided function, with the specified arguments. |
| | 1368 | * 2. Only the e-mail address is obfuscated into unicode code point sequences, replacement are |
| | 1369 | * done by a String.fromCharCode() call. |
| | 1370 | * Note: Both approaches require JavaScript to be enabled. |
| | 1371 | * @default '' |
| | 1372 | * @example |
| | 1373 | * config.emailProtection = ''; |
| | 1374 | * // href="mailto:tester@ckeditor.com?subject=subject&body=body" |
| | 1375 | * config.emailProtection = 'encode'; |
| | 1376 | * // href="<a href=\"javascript:void(location.href=\'mailto:\'+String.fromCharCode(116,101,115,116,101,114,64,99,107,101,100,105,116,111,114,46,99,111,109)+\'?subject=subject&body=body\')\">e-mail</a>" |
| | 1377 | * config.emailProtection = 'mt(NAME,DOMAIN,SUBJECT,BODY)'; |
| | 1378 | * // href="javascript:mt('tester','ckeditor.com','subject','body')" |
| | 1379 | */ |
