You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Ingmar Kliche (JIRA)" <ji...@apache.org> on 2008/07/15 15:15:31 UTC
[jira] Created: (SCXML-76) Serialization of expressions may produce
invalid XML
Serialization of expressions may produce invalid XML
----------------------------------------------------
Key: SCXML-76
URL: https://issues.apache.org/jira/browse/SCXML-76
Project: Commons SCXML
Issue Type: Bug
Affects Versions: 0.8
Reporter: Ingmar Kliche
The SCXMLSerializer does not escape expression strings. With an EcmaScript evaluator the following may occur:
original document:
<transition event="foo" cond="i < 3" target="bar">
the serialized document will be:
<transition event="foo" cond="i < 3" target="bar">
which is ill-formed XML. The serializer would need to escape the condition string. This applies to all places where expressions may occur.
Apache commons-lang has a StringEscapeUtil.escapeXML(String data) function which would solve the problem (I don't know if it would help for all cases). But using this would add another dependency to commons-scxml.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SCXML-76) Serialization of expressions may produce
invalid XML
Posted by "Ingmar Kliche (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SCXML-76?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ingmar Kliche updated SCXML-76:
-------------------------------
Attachment: SCXMLSerializer.patch
> Serialization of expressions may produce invalid XML
> ----------------------------------------------------
>
> Key: SCXML-76
> URL: https://issues.apache.org/jira/browse/SCXML-76
> Project: Commons SCXML
> Issue Type: Bug
> Affects Versions: 0.8
> Reporter: Ingmar Kliche
> Fix For: 0.9
>
> Attachments: SCXMLHelper.patch, SCXMLSerializer.patch, SCXMLSerializerTest.patch
>
>
> The SCXMLSerializer does not escape expression strings. With an EcmaScript evaluator the following may occur:
> original document:
> <transition event="foo" cond="i < 3" target="bar">
> the serialized document will be:
> <transition event="foo" cond="i < 3" target="bar">
> which is ill-formed XML. The serializer would need to escape the condition string. This applies to all places where expressions may occur.
> Apache commons-lang has a StringEscapeUtil.escapeXML(String data) function which would solve the problem (I don't know if it would help for all cases).
> http://svn.apache.org/viewvc/commons/proper/lang/trunk/src/java/org/apache/commons/lang/StringEscapeUtils.java?view=markup
> But using this would add another dependency to commons-scxml.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (SCXML-76) Serialization of expressions may produce
invalid XML
Posted by "Rahul Akolkar (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SCXML-76?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rahul Akolkar closed SCXML-76.
------------------------------
Thanks, closing issue.
> Serialization of expressions may produce invalid XML
> ----------------------------------------------------
>
> Key: SCXML-76
> URL: https://issues.apache.org/jira/browse/SCXML-76
> Project: Commons SCXML
> Issue Type: Bug
> Affects Versions: 0.8
> Reporter: Ingmar Kliche
> Fix For: 0.9
>
> Attachments: SCXMLHelper.patch, SCXMLSerializer.patch, SCXMLSerializerTest.patch
>
>
> The SCXMLSerializer does not escape expression strings. With an EcmaScript evaluator the following may occur:
> original document:
> <transition event="foo" cond="i < 3" target="bar">
> the serialized document will be:
> <transition event="foo" cond="i < 3" target="bar">
> which is ill-formed XML. The serializer would need to escape the condition string. This applies to all places where expressions may occur.
> Apache commons-lang has a StringEscapeUtil.escapeXML(String data) function which would solve the problem (I don't know if it would help for all cases).
> http://svn.apache.org/viewvc/commons/proper/lang/trunk/src/java/org/apache/commons/lang/StringEscapeUtils.java?view=markup
> But using this would add another dependency to commons-scxml.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SCXML-76) Serialization of expressions may produce
invalid XML
Posted by "Rahul Akolkar (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SCXML-76?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rahul Akolkar updated SCXML-76:
-------------------------------
Fix Version/s: 0.9
Yup, thanks, makes sense, I'm marking fix version to next release (v0.9).
I'm traveling and won't be able to get to this for atleast another week. Since you have identified the changes, would you like to provide a patch as well? Here's more on that:
http://commons.apache.org/patches.html
You are right that we don't want any more dependencies (especially required ones) so we'll want to copy over the guts of the escapeXML method from [lang] (or write an equivalent). The best place for this would be as a utility method in the org.apache.commons.scxml.SCXMLHelper class that can be used by the SCXMLSerializer (and other places as needed).
> Serialization of expressions may produce invalid XML
> ----------------------------------------------------
>
> Key: SCXML-76
> URL: https://issues.apache.org/jira/browse/SCXML-76
> Project: Commons SCXML
> Issue Type: Bug
> Affects Versions: 0.8
> Reporter: Ingmar Kliche
> Fix For: 0.9
>
>
> The SCXMLSerializer does not escape expression strings. With an EcmaScript evaluator the following may occur:
> original document:
> <transition event="foo" cond="i < 3" target="bar">
> the serialized document will be:
> <transition event="foo" cond="i < 3" target="bar">
> which is ill-formed XML. The serializer would need to escape the condition string. This applies to all places where expressions may occur.
> Apache commons-lang has a StringEscapeUtil.escapeXML(String data) function which would solve the problem (I don't know if it would help for all cases).
> http://svn.apache.org/viewvc/commons/proper/lang/trunk/src/java/org/apache/commons/lang/StringEscapeUtils.java?view=markup
> But using this would add another dependency to commons-scxml.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (SCXML-76) Serialization of expressions may
produce invalid XML
Posted by "Rahul Akolkar (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SCXML-76?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rahul Akolkar resolved SCXML-76.
--------------------------------
Resolution: Fixed
Thanks a lot for the patch(es)!
I've committed a variant of the escapeXML() method, such that:
* The floating point operation is avoided
* A map isn't instantiated
* Cosmetic changes (tab removal etc.)
I had some difficulty in trying to apply the patches using my SVN client. I'd recommend providing one patch (for all files changed) rooted at trunk.
Resolving as fixed. It would be great if you could try a clean checkout from SVN to see if this works for you. Thanks again.
> Serialization of expressions may produce invalid XML
> ----------------------------------------------------
>
> Key: SCXML-76
> URL: https://issues.apache.org/jira/browse/SCXML-76
> Project: Commons SCXML
> Issue Type: Bug
> Affects Versions: 0.8
> Reporter: Ingmar Kliche
> Fix For: 0.9
>
> Attachments: SCXMLHelper.patch, SCXMLSerializer.patch, SCXMLSerializerTest.patch
>
>
> The SCXMLSerializer does not escape expression strings. With an EcmaScript evaluator the following may occur:
> original document:
> <transition event="foo" cond="i < 3" target="bar">
> the serialized document will be:
> <transition event="foo" cond="i < 3" target="bar">
> which is ill-formed XML. The serializer would need to escape the condition string. This applies to all places where expressions may occur.
> Apache commons-lang has a StringEscapeUtil.escapeXML(String data) function which would solve the problem (I don't know if it would help for all cases).
> http://svn.apache.org/viewvc/commons/proper/lang/trunk/src/java/org/apache/commons/lang/StringEscapeUtils.java?view=markup
> But using this would add another dependency to commons-scxml.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SCXML-76) Serialization of expressions may produce
invalid XML
Posted by "Ingmar Kliche (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SCXML-76?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ingmar Kliche updated SCXML-76:
-------------------------------
Attachment: SCXMLHelper.patch
added escapeXML() helper function
> Serialization of expressions may produce invalid XML
> ----------------------------------------------------
>
> Key: SCXML-76
> URL: https://issues.apache.org/jira/browse/SCXML-76
> Project: Commons SCXML
> Issue Type: Bug
> Affects Versions: 0.8
> Reporter: Ingmar Kliche
> Fix For: 0.9
>
> Attachments: SCXMLHelper.patch
>
>
> The SCXMLSerializer does not escape expression strings. With an EcmaScript evaluator the following may occur:
> original document:
> <transition event="foo" cond="i < 3" target="bar">
> the serialized document will be:
> <transition event="foo" cond="i < 3" target="bar">
> which is ill-formed XML. The serializer would need to escape the condition string. This applies to all places where expressions may occur.
> Apache commons-lang has a StringEscapeUtil.escapeXML(String data) function which would solve the problem (I don't know if it would help for all cases).
> http://svn.apache.org/viewvc/commons/proper/lang/trunk/src/java/org/apache/commons/lang/StringEscapeUtils.java?view=markup
> But using this would add another dependency to commons-scxml.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SCXML-76) Serialization of expressions may
produce invalid XML
Posted by "Ingmar Kliche (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SCXML-76?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12617331#action_12617331 ]
Ingmar Kliche commented on SCXML-76:
------------------------------------
Rahul,
I tried to find a compact solution and added patches for 3 files.
- Ingmar.
2008/7/17 Rahul Akolkar (JIRA) <ji...@apache.org>
> Serialization of expressions may produce invalid XML
> ----------------------------------------------------
>
> Key: SCXML-76
> URL: https://issues.apache.org/jira/browse/SCXML-76
> Project: Commons SCXML
> Issue Type: Bug
> Affects Versions: 0.8
> Reporter: Ingmar Kliche
> Fix For: 0.9
>
> Attachments: SCXMLHelper.patch, SCXMLSerializer.patch, SCXMLSerializerTest.patch
>
>
> The SCXMLSerializer does not escape expression strings. With an EcmaScript evaluator the following may occur:
> original document:
> <transition event="foo" cond="i < 3" target="bar">
> the serialized document will be:
> <transition event="foo" cond="i < 3" target="bar">
> which is ill-formed XML. The serializer would need to escape the condition string. This applies to all places where expressions may occur.
> Apache commons-lang has a StringEscapeUtil.escapeXML(String data) function which would solve the problem (I don't know if it would help for all cases).
> http://svn.apache.org/viewvc/commons/proper/lang/trunk/src/java/org/apache/commons/lang/StringEscapeUtils.java?view=markup
> But using this would add another dependency to commons-scxml.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SCXML-76) Serialization of expressions may
produce invalid XML
Posted by "Ingmar Kliche (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SCXML-76?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12618270#action_12618270 ]
Ingmar Kliche commented on SCXML-76:
------------------------------------
It works fine for me.
> Serialization of expressions may produce invalid XML
> ----------------------------------------------------
>
> Key: SCXML-76
> URL: https://issues.apache.org/jira/browse/SCXML-76
> Project: Commons SCXML
> Issue Type: Bug
> Affects Versions: 0.8
> Reporter: Ingmar Kliche
> Fix For: 0.9
>
> Attachments: SCXMLHelper.patch, SCXMLSerializer.patch, SCXMLSerializerTest.patch
>
>
> The SCXMLSerializer does not escape expression strings. With an EcmaScript evaluator the following may occur:
> original document:
> <transition event="foo" cond="i < 3" target="bar">
> the serialized document will be:
> <transition event="foo" cond="i < 3" target="bar">
> which is ill-formed XML. The serializer would need to escape the condition string. This applies to all places where expressions may occur.
> Apache commons-lang has a StringEscapeUtil.escapeXML(String data) function which would solve the problem (I don't know if it would help for all cases).
> http://svn.apache.org/viewvc/commons/proper/lang/trunk/src/java/org/apache/commons/lang/StringEscapeUtils.java?view=markup
> But using this would add another dependency to commons-scxml.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SCXML-76) Serialization of expressions may produce
invalid XML
Posted by "Ingmar Kliche (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SCXML-76?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ingmar Kliche updated SCXML-76:
-------------------------------
Here is a simple test case:
public void testSerializeTransition() {
Transition t = new Transition();
t.setCond("i < 3");
String actualValue = " <transition cond=\"i < 3\">\n </transition>\n";
StringBuffer returnValue = new StringBuffer();
SCXMLSerializer.serializeTransition(returnValue, t, " ");
assertEquals(actualValue, returnValue.toString());
}
> Serialization of expressions may produce invalid XML
> ----------------------------------------------------
>
> Key: SCXML-76
> URL: https://issues.apache.org/jira/browse/SCXML-76
> Project: Commons SCXML
> Issue Type: Bug
> Affects Versions: 0.8
> Reporter: Ingmar Kliche
>
> The SCXMLSerializer does not escape expression strings. With an EcmaScript evaluator the following may occur:
> original document:
> <transition event="foo" cond="i < 3" target="bar">
> the serialized document will be:
> <transition event="foo" cond="i < 3" target="bar">
> which is ill-formed XML. The serializer would need to escape the condition string. This applies to all places where expressions may occur.
> Apache commons-lang has a StringEscapeUtil.escapeXML(String data) function which would solve the problem (I don't know if it would help for all cases). But using this would add another dependency to commons-scxml.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SCXML-76) Serialization of expressions may produce
invalid XML
Posted by "Ingmar Kliche (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SCXML-76?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ingmar Kliche updated SCXML-76:
-------------------------------
Description:
The SCXMLSerializer does not escape expression strings. With an EcmaScript evaluator the following may occur:
original document:
<transition event="foo" cond="i < 3" target="bar">
the serialized document will be:
<transition event="foo" cond="i < 3" target="bar">
which is ill-formed XML. The serializer would need to escape the condition string. This applies to all places where expressions may occur.
Apache commons-lang has a StringEscapeUtil.escapeXML(String data) function which would solve the problem (I don't know if it would help for all cases).
http://svn.apache.org/viewvc/commons/proper/lang/trunk/src/java/org/apache/commons/lang/StringEscapeUtils.java?view=markup
But using this would add another dependency to commons-scxml.
was:
The SCXMLSerializer does not escape expression strings. With an EcmaScript evaluator the following may occur:
original document:
<transition event="foo" cond="i < 3" target="bar">
the serialized document will be:
<transition event="foo" cond="i < 3" target="bar">
which is ill-formed XML. The serializer would need to escape the condition string. This applies to all places where expressions may occur.
Apache commons-lang has a StringEscapeUtil.escapeXML(String data) function which would solve the problem (I don't know if it would help for all cases). But using this would add another dependency to commons-scxml.
Added link to StringEscapeUtil implementation.
> Serialization of expressions may produce invalid XML
> ----------------------------------------------------
>
> Key: SCXML-76
> URL: https://issues.apache.org/jira/browse/SCXML-76
> Project: Commons SCXML
> Issue Type: Bug
> Affects Versions: 0.8
> Reporter: Ingmar Kliche
>
> The SCXMLSerializer does not escape expression strings. With an EcmaScript evaluator the following may occur:
> original document:
> <transition event="foo" cond="i < 3" target="bar">
> the serialized document will be:
> <transition event="foo" cond="i < 3" target="bar">
> which is ill-formed XML. The serializer would need to escape the condition string. This applies to all places where expressions may occur.
> Apache commons-lang has a StringEscapeUtil.escapeXML(String data) function which would solve the problem (I don't know if it would help for all cases).
> http://svn.apache.org/viewvc/commons/proper/lang/trunk/src/java/org/apache/commons/lang/StringEscapeUtils.java?view=markup
> But using this would add another dependency to commons-scxml.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SCXML-76) Serialization of expressions may produce
invalid XML
Posted by "Ingmar Kliche (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SCXML-76?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ingmar Kliche updated SCXML-76:
-------------------------------
Attachment: SCXMLSerializerTest.patch
a test case
> Serialization of expressions may produce invalid XML
> ----------------------------------------------------
>
> Key: SCXML-76
> URL: https://issues.apache.org/jira/browse/SCXML-76
> Project: Commons SCXML
> Issue Type: Bug
> Affects Versions: 0.8
> Reporter: Ingmar Kliche
> Fix For: 0.9
>
> Attachments: SCXMLHelper.patch, SCXMLSerializer.patch, SCXMLSerializerTest.patch
>
>
> The SCXMLSerializer does not escape expression strings. With an EcmaScript evaluator the following may occur:
> original document:
> <transition event="foo" cond="i < 3" target="bar">
> the serialized document will be:
> <transition event="foo" cond="i < 3" target="bar">
> which is ill-formed XML. The serializer would need to escape the condition string. This applies to all places where expressions may occur.
> Apache commons-lang has a StringEscapeUtil.escapeXML(String data) function which would solve the problem (I don't know if it would help for all cases).
> http://svn.apache.org/viewvc/commons/proper/lang/trunk/src/java/org/apache/commons/lang/StringEscapeUtils.java?view=markup
> But using this would add another dependency to commons-scxml.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.