Merge branch 'development' of https://github.com/ortus-solutions-priv…

…ate/boxlang into development

build.gradle

@@ -92,6 +92,9 @@ dependencies {
 	implementation 'com.github.javaparser:javaparser-symbol-solver-core:3.25.8'
 	// https://mvnrepository.com/artifact/org.apache.commons/commons-lang3
 	implementation 'org.apache.commons:commons-lang3:3.14.0'
+	// https://mvnrepository.com/artifact/org.apache.commons/commons-text
+	// Many of these classes ( e.g. StringEscapeUtils ) are currently deprecated in commons-lang and others will be moved in the future
+	implementation 'org.apache.commons:commons-text:1.11.0'
 	// https://mvnrepository.com/artifact/com.fasterxml.jackson.jr/jackson-jr-objects
 	implementation 'com.fasterxml.jackson.jr:jackson-jr-objects:2.17.0'
 	// https://mvnrepository.com/artifact/com.fasterxml.jackson.jr/jackson-jr-stree

src/main/java/ortus/boxlang/runtime/bifs/global/query/QueryGetResult.java

@@ -0,0 +1,55 @@
+/**
+ * [BoxLang]
+ *
+ * Copyright [2023] [Ortus Solutions, Corp]
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS"
+ * BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language
+ * governing permissions and limitations under the License.
+ */
+package ortus.boxlang.runtime.bifs.global.query;
+
+import ortus.boxlang.runtime.bifs.BIF;
+import ortus.boxlang.runtime.bifs.BoxBIF;
+import ortus.boxlang.runtime.bifs.BoxMember;
+import ortus.boxlang.runtime.context.IBoxContext;
+import ortus.boxlang.runtime.scopes.ArgumentsScope;
+import ortus.boxlang.runtime.scopes.Key;
+import ortus.boxlang.runtime.types.Argument;
+import ortus.boxlang.runtime.types.BoxLangType;
+import ortus.boxlang.runtime.types.Query;
+
+@BoxBIF
+@BoxMember( type = BoxLangType.QUERY )
+public class QueryGetResult extends BIF {
+
+	/**
+	 * Constructor
+	 */
+	public QueryGetResult() {
+		super();
+		declaredArguments = new Argument[] {
+		    new Argument( true, "query", Key.query )
+		};
+	}
+
+	/**
+	 * Returns the metadata of a query.
+	 *
+	 * 
+	 * @param context   The context in which the BIF is being invoked.
+	 * @param arguments Argument scope for the BIF.
+	 *
+	 * @argument.query The query to get the result from
+	 */
+	public Object _invoke( IBoxContext context, ArgumentsScope arguments ) {
+		Query query = arguments.getAsQuery( Key.query );
+
+		return query.getMetaData();
+	}
+}

src/main/java/ortus/boxlang/runtime/bifs/global/system/EncodeForHTML.java

@@ -17,6 +17,8 @@
  */
 package ortus.boxlang.runtime.bifs.global.system;
 
+import org.apache.commons.text.StringEscapeUtils;
+
 import ortus.boxlang.runtime.bifs.BIF;
 import ortus.boxlang.runtime.bifs.BoxBIF;
 import ortus.boxlang.runtime.context.IBoxContext;
@@ -43,20 +45,23 @@ public EncodeForHTML() {
 	/**
 	 * Encodes the input string for safe output in the body of a HTML tag. The encoding in meant to mitigate Cross Site Scripting (XSS) attacks. This
 	 * function can provide more protection from XSS than the HTMLEditFormat or XMLFormat functions do.
-	 * 
+	 *
 	 * @param context   The context in which the BIF is being invoked.
 	 * @param arguments Argument scope for the BIF.
 	 *
 	 * @argument.String The string to encode.
-	 * 
+	 *
 	 * @argument.canonicalize If set to true, canonicalization happens before encoding. If set to false, the given input string will just be encoded.
 	 */
 	public Object _invoke( IBoxContext context, ArgumentsScope arguments ) {
-		// TODO: Just stubbing this out to make TestBox work. Convert to ESAPI
 		String str = arguments.getAsString( Key.string );
 		if ( str == null ) {
 			return null;
 		}
-		return str.replace( "<", "&lt;" ).replace( ">", "&gt;" ).replace( "&", "&amp;" ).replace( "\"", "&quot;" ).replace( "'", "&#39;" );
+
+		if ( arguments.getAsBoolean( Key.canonicalize ) ) {
+			str = str.intern();
+		}
+		return StringEscapeUtils.escapeHtml4( str );
 	}
 }

src/main/java/ortus/boxlang/runtime/bifs/global/system/URLEncodedFormat.java

@@ -17,17 +17,19 @@
  */
 package ortus.boxlang.runtime.bifs.global.system;
 
+import java.io.UnsupportedEncodingException;
+
 import ortus.boxlang.runtime.bifs.BIF;
 import ortus.boxlang.runtime.bifs.BoxBIF;
+import ortus.boxlang.runtime.bifs.BoxMember;
 import ortus.boxlang.runtime.context.IBoxContext;
 import ortus.boxlang.runtime.scopes.ArgumentsScope;
 import ortus.boxlang.runtime.scopes.Key;
 import ortus.boxlang.runtime.types.Argument;
-
-import java.net.URLEncoder;
-import java.nio.charset.StandardCharsets;
+import ortus.boxlang.runtime.types.BoxLangType;
 
 @BoxBIF
+@BoxMember( type = BoxLangType.STRING )
 public class URLEncodedFormat extends BIF {
 
 	/**
@@ -50,8 +52,12 @@ public URLEncodedFormat() {
 	 * @argument.String
 	 */
 	public Object _invoke( IBoxContext context, ArgumentsScope arguments ) {
-		// TODO: Just stubbing this out to make TestBox work. We're going to look into transpiling this to use ESAPI's encodeForURL().
 		String str = arguments.getAsString( Key.string );
-		return java.net.URLEncoder.encode( str );
+		try {
+			// W3C says to use UTF-8 for all encoding: http://www.w3.org/TR/html40/appendix/notes.html#non-ascii-chars
+			return java.net.URLEncoder.encode( str, "utf-8" );
+		} catch ( UnsupportedEncodingException e ) {
+			return str;
+		}
 	}
 }

src/main/java/ortus/boxlang/runtime/bifs/global/xml/XMLElemNew.java

@@ -0,0 +1,107 @@
+
+/**
+ * [BoxLang]
+ *
+ * Copyright [2023] [Ortus Solutions, Corp]
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ortus.boxlang.runtime.bifs.global.xml;
+
+import java.io.IOException;
+import java.io.StringReader;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Node;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+
+import ortus.boxlang.runtime.bifs.BIF;
+import ortus.boxlang.runtime.bifs.BoxBIF;
+import ortus.boxlang.runtime.context.IBoxContext;
+import ortus.boxlang.runtime.scopes.ArgumentsScope;
+import ortus.boxlang.runtime.scopes.Key;
+import ortus.boxlang.runtime.types.Argument;
+import ortus.boxlang.runtime.types.XML;
+import ortus.boxlang.runtime.types.exceptions.BoxRuntimeException;
+
+@BoxBIF
+public class XMLElemNew extends BIF {
+
+	/**
+	 * Constructor
+	 */
+	public XMLElemNew() {
+		super();
+		declaredArguments = new Argument[] {
+		    new Argument( true, "xml", Key.XML ),
+		    new Argument( true, "string", Key.childname ),
+		    new Argument( false, "string", Key.namespace )
+		};
+	}
+
+	/**
+	 * Creates a new XML Element which can be appended to an XML document
+	 *
+	 * @param context   The context in which the BIF is being invoked.
+	 * @param arguments Argument scope for the BIF.
+	 *
+	 * @argument.xml The parent XML object to associate the new node to
+	 * 
+	 * @argument.childName The XML name of the new child node
+	 * 
+	 * @argument.namespace The XML namespace to attach to the new child node
+	 */
+	public Object _invoke( IBoxContext context, ArgumentsScope arguments ) {
+		XML		xmlObject		= arguments.getAsXML( Key.XML );
+		String	childName		= arguments.getAsString( Key.childname );
+		String	namespace		= arguments.getAsString( Key.namespace );
+
+		Node	documentNode	= xmlObject.getNode();
+
+		if ( documentNode == null ) {
+			String xmlString = null;
+			try {
+				DocumentBuilder builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
+
+				if ( namespace != null ) {
+					xmlString = "<" + childName + " xmlns=\"" + namespace + "\"/>";
+				} else {
+					xmlString = "<" + childName + "/>";
+				}
+
+				return builder.parse( new InputSource( new StringReader( xmlString ) ) );
+
+			} catch ( ParserConfigurationException e ) {
+				throw new BoxRuntimeException( "Error creating XML parser", e );
+			} catch ( SAXException e ) {
+				throw new BoxRuntimeException( "Error parsing XML elemement" + xmlString, e );
+			} catch ( IOException e ) {
+				throw new BoxRuntimeException( "Error parsing XML element" + xmlString, e );
+			}
+		} else if ( namespace != null ) {
+			Document ownerDocument = documentNode.getOwnerDocument() == null ? ( Document ) documentNode : documentNode.getOwnerDocument();
+			return ownerDocument.createElementNS( namespace, childName );
+		} else {
+			Document ownerDocument = documentNode.getOwnerDocument() == null ? ( Document ) documentNode : documentNode.getOwnerDocument();
+			return ownerDocument.createElement( childName );
+		}
+
+	}
+
+}

src/main/java/ortus/boxlang/runtime/bifs/global/system/XMLFormat.java → src/main/java/ortus/boxlang/runtime/bifs/global/xml/XMLFormat.java

@@ -1,3 +1,4 @@
+
 /**
  * [BoxLang]
  *
@@ -15,16 +16,23 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package ortus.boxlang.runtime.bifs.global.system;
+
+package ortus.boxlang.runtime.bifs.global.xml;
+
+import org.apache.commons.text.StringEscapeUtils;
 
 import ortus.boxlang.runtime.bifs.BIF;
 import ortus.boxlang.runtime.bifs.BoxBIF;
+import ortus.boxlang.runtime.bifs.BoxMember;
 import ortus.boxlang.runtime.context.IBoxContext;
 import ortus.boxlang.runtime.scopes.ArgumentsScope;
 import ortus.boxlang.runtime.scopes.Key;
 import ortus.boxlang.runtime.types.Argument;
+import ortus.boxlang.runtime.types.BoxLangType;
 
 @BoxBIF
+@BoxMember( type = BoxLangType.STRING )
+
 public class XMLFormat extends BIF {
 
 	/**
@@ -33,25 +41,26 @@ public class XMLFormat extends BIF {
 	public XMLFormat() {
 		super();
 		declaredArguments = new Argument[] {
-		    new Argument( true, "string", Key.string )
+		    new Argument( true, "string", Key.string ),
+		    new Argument( false, "boolean", Key.escapeChars, false )
 		};
 	}
 
 	/**
-	 * Escapes XML special characters in a string, so that the string is safe to use with XML.
-	 * 
+	 * Formats a string so that special XML characters can be used as text in XML
+	 *
 	 * @param context   The context in which the BIF is being invoked.
 	 * @param arguments Argument scope for the BIF.
 	 *
-	 * @argument.String The string to encode.
-	 * 
+	 * @argument.string The string to format
+	 *
+	 * @argument.escapeChars whether to escape additional characters restricted as per XML standards. For details, see
+	 *                       http://www.w3.org/TR/2006/REC-xml11-20060816/#NT-RestrictedChar.
 	 */
 	public Object _invoke( IBoxContext context, ArgumentsScope arguments ) {
-		// TODO: Just stubbing this out to make ColdBox work. Convert to ESAPI
-		String str = arguments.getAsString( Key.string );
-		if ( str == null ) {
-			return null;
-		}
-		return str.replace( "<", "&lt;" ).replace( ">", "&gt;" ).replace( "&", "&amp;" );
+		return arguments.getAsBoolean( Key.escapeChars )
+		    ? StringEscapeUtils.escapeXml10( arguments.getAsString( Key.string ) )
+		    : StringEscapeUtils.escapeXml11( arguments.getAsString( Key.string ) );
 	}
+
 }