You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@commons.apache.org by "Rahul Akolkar (JIRA)" <ji...@apache.org> on 2008/07/28 23:48:31 UTC

[jira] Resolved: (SCXML-76) Serialization of expressions may produce invalid XML

     [ https://issues.apache.org/jira/browse/SCXML-76?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Rahul Akolkar resolved SCXML-76.
--------------------------------

    Resolution: Fixed

Thanks a lot for the patch(es)!

I've committed a variant of the escapeXML() method, such that:
 * The floating point operation is avoided
 * A map isn't instantiated
 * Cosmetic changes (tab removal etc.)
I had some difficulty in trying to apply the patches using my SVN client. I'd recommend providing one patch (for all files changed) rooted at trunk.

Resolving as fixed. It would be great if you could try a clean checkout from SVN to see if this works for you. Thanks again.


> Serialization of expressions may produce invalid XML
> ----------------------------------------------------
>
>                 Key: SCXML-76
>                 URL: https://issues.apache.org/jira/browse/SCXML-76
>             Project: Commons SCXML
>          Issue Type: Bug
>    Affects Versions: 0.8
>            Reporter: Ingmar Kliche
>             Fix For: 0.9
>
>         Attachments: SCXMLHelper.patch, SCXMLSerializer.patch, SCXMLSerializerTest.patch
>
>
> The SCXMLSerializer does not escape expression strings. With an EcmaScript evaluator the following may occur:
> original document:
> <transition event="foo" cond="i &lt; 3" target="bar">
> the serialized document will be:
> <transition event="foo" cond="i < 3" target="bar">
> which is ill-formed XML. The serializer would need to escape the condition string. This applies to all places where expressions may occur.
> Apache commons-lang has a StringEscapeUtil.escapeXML(String data) function which would solve the problem (I don't know if it would help for all cases). 
> http://svn.apache.org/viewvc/commons/proper/lang/trunk/src/java/org/apache/commons/lang/StringEscapeUtils.java?view=markup
> But using this would add another dependency to commons-scxml.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.