From b8a158b54399999fc4e961ac258e1ca4f67b24d0 Mon Sep 17 00:00:00 2001 From: AndreasRu <5096188+andreasRu@users.noreply.github.com> Date: Tue, 8 Aug 2023 11:36:08 +0200 Subject: [PATCH] add information and link --- README.md | 3 ++- docs/index.html | 18 ++++++------------ 2 files changed, 8 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 200b344..4513c1a 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,7 @@ --- ***Minify your CFML generated HTML at runtime!*** +(If you want to see an enhanced version of this page, please visit [https://andreasru.github.io/cfml-htmlhelper/](https://andreasru.github.io/cfml-htmlhelper/)) ## A simple basic CFML component to @@ -121,7 +122,7 @@ Example of encoding a trusted HTML block to escape unescaped characters with `en ### Downloads -> - **Raw CFC component**: [Download](https://raw.githubusercontent.com/andreasRu/cfml-htmlhelper/master/components/HtmlHelper.cfc) +> - **Raw HtmlHelper.cfc component**: [Download](https://raw.githubusercontent.com/andreasRu/cfml-htmlhelper/master/components/HtmlHelper.cfc) > - **Repository as ZIP-File**: [Download](https://github.com/andreasRu/cfml-htmlhelper/archive/refs/heads/master.zip) > - **Example minifyHtml()**: [Download](https://raw.githubusercontent.com/andreasRu/cfml-htmlhelper/master/examples/minifyHtml.cfm) > - **Example Cfhttp & minifyHtml()**: [Download](https://raw.githubusercontent.com/andreasRu/cfml-htmlhelper/master/examples/cfhttpMinifyHtml.cfm) diff --git a/docs/index.html b/docs/index.html index 3586a7e..7d59ee0 100644 --- a/docs/index.html +++ b/docs/index.html @@ -1,4 +1,4 @@ -HtmlHelper.cfc: minifyHtml() & encodeTrustedHtml() in your CFML Projects Fork me on GitHub

HtmlHelper.cfc

Minify your CFML generated HTML at runtime!

A simple basic CFML component to

1. minifyHtml( string html required )

Converts a whitespace poluted HTML block like this

        <!DOCTYPE html>
+HtmlHelper.cfc: minifyHtml() & encodeTrustedHtml() in your CFML Projects Fork me on GitHub
HtmlHelper.cfc
Minify your CFML generated HTML at runtime! (If you want to see an enhanced version of this page, please visit https://andreasru.github.io/cfml-htmlhelper/)
A simple basic CFML component to
  • minify CFML generated html content
  • encode trusted HTML content containing non-compliant/unescaped characters like e.g. €, ü, ö, ß, etc. within a tags inner HTML
1. minifyHtml( string html required )
Converts a whitespace poluted HTML block like this
        <!DOCTYPE html>
         <head>
 <title>Hot CFML Page & content</title>
                     <meta charset="utf-8">
@@ -17,21 +17,15 @@
             embedded JavaScript          */
 console.log('Log Something'); // this is just some Javascript </script>        </body> </html>
 
... into a minified HTML version like this
<!DOCTYPE html><head><title>Hot CFML Page &amp; content</title><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1"><style> .someClass{ font-size: 1rem; } </style><meta name="description" content="Just some Example"><link rel="stylesheet" href="css/main.css"></head><body><p>Hello to all CFML devs &#x1f600; &#x1f929; around the &#x1f30e;&#x21;&#x21;&#x21; </p><script> console.log('Log Something');</script></body></html>
-
The function minifyHtml() minifies CFML generated html content by:
  • stripping HTML comments
  • stripping JavaScript multline comments
  • stripping JavaScript singleline comments
  • stripping whitespaces, such as all double tabs/spaces/newlines
  • honouring and preserving the content within <pre></pre> or <code></code> tags as submitted
2. encodeTrustedHTML( string trustedHtml required );
Converts HTML from a trusted source with unencoded characters like this
<div class="someClass">
+
The function minifyHtml() minifies CFML generated html content by:
  • stripping HTML comments
  • stripping JavaScript multline comments
  • stripping JavaScript singleline comments
  • stripping CSS comments
  • stripping whitespaces, such as all double tabs/spaces/newlines
  • honouring and preserving the content within <pre></pre> or <code></code> tags as submitted
2. encodeTrustedHTML( string trustedHtml required );
Converts HTML from a trusted source with unencoded characters like this
<div class="someClass">
     I tend to add "€, ä, &, é, ß" and I 
     even might tend to add a > (greater sign)
-    directly into my html, because I'm
+    directly into my html 😲, because I'm
     a lazy content writer and I don't like 
     adding those as html encoded characters manually!
 </div>
-
... into proper html like this
<div class="someClass">
-    I tend to add &quot;&euro;, &auml;, &amp;, &eacute;, &szlig;&quot; and I 
-    even might tend to add a &gt; &#x28;greater sign&#x29;
-    directly into my html because I&#x27;m
-    a lazy content writer and I don&#x27;t like 
-    adding those as html encoded characters manually&#x21;
-</div>
-
The function encodeTrustedHTML() detects and encodes unencoded characters, but preserves valid HTML-Tags and HTML-Entities.
3. Examples
Example of minifying a whitespace overfilled WordPress page with minifyHtml():
<!--- /examples/cfhttpMinifyHtml.cfm: minifyHtml() --->
+
... into proper html like this
<div class="someClass"> I tend to add &quot;&euro;, &auml;, &amp;, &eacute;, &szlig;&quot; and I even might tend to add a &gt; &#x28;greater sign&#x29; directly into my html &#x1f632;, because I&#x27;m a lazy content writer and I don&#x27;t like adding those as html encoded characters manually&#x21; </div>
+
The function encodeTrustedHTML() detects and encodes unencoded characters, but preserves valid HTML-Entities and HTML-Tags already present in the submitted HTML.
3. Examples
Example of minifying a whitespace overfilled WordPress page with minifyHtml():
<!--- /examples/cfhttpMinifyHtml.cfm: minifyHtml() --->
 <!--- Make sure to override admin setting and read template with correct charset(UTF-8) --->
 <cfprocessingdirective pageEncoding="UTF-8">
 <cfscript>
@@ -65,4 +59,4 @@
         htmlHelperService.encodeTrustedHtml ( someHtmlBlock )
     );
 </cfscript>
-
Lambda Expression
HtmlHelper.cfc delivers its service with Lambda Expressions:
cfml html minifier
Tips & Security Advisory
  • IMPORTANT SECURITY NOTICE:encodeTrustedHtml()MUST NOT be used to avoid XSS, because it only encodes unencoded characters of the inner HTML (within the body of tags). This function will accept any submitted HTML, JavaScript and Styles and output it as submitted(!) without encoding it for XSS mitigation. For XSS prevention of untrusted HTML you MUST continue to use encodeForHTML(), encodeForHTMLAttribute(), encodeForJavascript(), encodeFor...() respectively.
  • When using encodeTrustedHTML() always make sure to keep all the charsets among the stream "in sync". Having different charsets for templates, web charset, charset http headers, or resource charsets may have unpredictable wrong html-entities and characters.
  • encodeTrustedHTML() is typically used when you have a fronted CMS with a HTML-Editor where you can manually add custom HTML to a database.
  • You get best performance when you use minifyHtml() only once during the request flow, e.g. at the end of the CFML processing. A good location could be the Application.cfc at the end of the onRequest() function.
Downloads
Run repository locally
To test or watch the code running locally, you'll need CommandBox as dependency:
  1. Download the Repository as ZIP-File
  2. Unzip it
  3. Run server.bat on Windows or server.shon MacOs/Linux
  4. Wait for commandBox open the browser and load the page
Donations
I'm not taking anything for this but sharing with you. If you like/are using it, I kindly ask you to donate to the Lucee Organization to make this awesome cfengine even better:
Lucee Open Collective Donation ❤️
About

\ No newline at end of file
+

Service Functions as Lambda Expression

HtmlHelper.cfc passes the functions minifyHtml() and encodeTrustedHtml() as Lambda Expressions to ensure inner a better local scoping (see code here at GitHub):

cfml html minifier

Tips & Security Advisory

Downloads

Run repository locally

To test or watch the code running locally, you'll need CommandBox as dependency:

  1. Download the Repository as ZIP-File
  2. Unzip it
  3. Run server.bat on Windows or server.shon MacOs/Linux
  4. Wait for commandBox open the browser and load the page

Donations

I'm not taking anything for this but sharing with you. If you like/are using it, I kindly ask you to donate to the Lucee Organization to make this awesome cfengine even better:

Lucee Open Collective Donation ❤️

About

\ No newline at end of file