//! A lightweight layer on top of [Hyper](https://hyper.rs/) //! to facilitate building web applications. #![cfg_attr(docsrs, feature(doc_cfg))] use std::borrow::Cow; pub use mime; pub use httpdate; pub mod request; pub mod response; #[cfg(feature="security")] #[cfg_attr(docsrs, doc(cfg(feature = "security")))] pub mod security; #[cfg(feature="hyper_body")] #[cfg_attr(docsrs, doc(cfg(feature = "hyper_body")))] pub mod hyper_body; #[cfg(not(feature="hyper_body"))] use http; #[cfg(feature="hyper_body")] use hyper::http; /// HTML escapes the given string. /// /// The following characters are escaped: `<`, `>`, `&`, `"`, `'`. /// To mitigate the risks of forgetting to HTML escape something, /// it is recommended to additionally set a strict [Content Security /// Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP). pub fn html_escape<'a, S: Into>>(input: S) -> Cow<'a, str> { let input = input.into(); fn is_trouble(c: char) -> bool { c == '<' || c == '>' || c == '&' || c == '"' || c == '\'' } if input.contains(is_trouble) { let mut output = String::with_capacity(input.len()); for c in input.chars() { match c { '<' => output.push_str("<"), '>' => output.push_str(">"), '&' => output.push_str("&"), '"' => output.push_str("""), '\'' => output.push_str("'"), _ => output.push(c), } } Cow::Owned(output) } else { input } }