You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@maven.apache.org by sc...@apache.org on 2016/12/31 01:06:53 UTC

svn commit: r1776671 - /maven/plugins/trunk/maven-invoker-plugin/src/main/java/org/apache/maven/plugin/invoker/AbstractInvokerMojo.java

Author: schulte
Date: Sat Dec 31 01:06:53 2016
New Revision: 1776671

URL: http://svn.apache.org/viewvc?rev=1776671&view=rev
Log:
[MINVOKER-213] The plugin should escape any XML special characters (&<>) during interpolating XML files.

o Updated to only escape characters leading to invalid XML if not escaped.
  I did run the ITs locally and they succeeded. On Jenkins they fail.


Modified:
    maven/plugins/trunk/maven-invoker-plugin/src/main/java/org/apache/maven/plugin/invoker/AbstractInvokerMojo.java

Modified: maven/plugins/trunk/maven-invoker-plugin/src/main/java/org/apache/maven/plugin/invoker/AbstractInvokerMojo.java
URL: http://svn.apache.org/viewvc/maven/plugins/trunk/maven-invoker-plugin/src/main/java/org/apache/maven/plugin/invoker/AbstractInvokerMojo.java?rev=1776671&r1=1776670&r2=1776671&view=diff
==============================================================================
--- maven/plugins/trunk/maven-invoker-plugin/src/main/java/org/apache/maven/plugin/invoker/AbstractInvokerMojo.java (original)
+++ maven/plugins/trunk/maven-invoker-plugin/src/main/java/org/apache/maven/plugin/invoker/AbstractInvokerMojo.java Sat Dec 31 01:06:53 2016
@@ -51,7 +51,6 @@ import java.util.TreeSet;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
 import java.util.concurrent.TimeUnit;
-import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.maven.artifact.Artifact;
 import org.apache.maven.model.Model;
 import org.apache.maven.model.Profile;
@@ -2303,7 +2302,12 @@ public abstract class AbstractInvokerMoj
 
             for ( final Map.Entry<String, Object> e : props.entrySet() )
             {
-                escapedProperties.put( e.getKey(), StringEscapeUtils.escapeXml( e.getValue().toString() ) );
+                escapedProperties.put( e.getKey(), e.getValue().toString().
+                                       replaceAll( "\"", "&quot;" ).
+                                       replaceAll( "<", "&lt;" ).
+                                       replaceAll( ">", "&gt;" ).
+                                       replaceAll( "&", "&amp;" ) );
+
             }
 
             props = escapedProperties;