You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by le...@apache.org on 2014/11/02 15:46:37 UTC
svn commit: r1636142 -
/pdfbox/branches/1.8/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFField.java
Author: lehmi
Date: Sun Nov 2 14:46:37 2014
New Revision: 1636142
URL: http://svn.apache.org/r1636142
Log:
PDFBOX-2419: escape special characters
Modified:
pdfbox/branches/1.8/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFField.java (contents, props changed)
Modified: pdfbox/branches/1.8/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFField.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/1.8/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFField.java?rev=1636142&r1=1636141&r2=1636142&view=diff
==============================================================================
--- pdfbox/branches/1.8/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFField.java (original)
+++ pdfbox/branches/1.8/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFField.java Sun Nov 2 14:46:37 2014
@@ -125,14 +125,21 @@ public class FDFField implements COSObje
{
output.write( "<field name=\"" + getPartialFieldName() + "\">\n");
Object value = getValue();
- if( value != null )
+ if( value != null)
{
- output.write( "<value>" + value + "</value>\n" );
+ if (value instanceof String)
+ {
+ output.write( "<value>" + escapeXML((String)value) + "</value>\n" );
+ }
+ else if (value instanceof PDTextStream)
+ {
+ output.write( "<value>" + escapeXML(((PDTextStream)value).getAsString()) + "</value>\n" );
+ }
}
PDTextStream rt = getRichText();
if( rt != null )
{
- output.write( "<value-richtext>" + rt.getAsString() + "</value-richtext>\n" );
+ output.write( "<value-richtext>" + escapeXML(rt.getAsString()) + "</value-richtext>\n" );
}
List<FDFField> kids = getKids();
if( kids != null )
@@ -746,4 +753,48 @@ public class FDFField implements COSObje
{
field.setItem( COSName.RV, rv );
}
+
+ /**
+ * Escape special characters.
+ *
+ * @param input the string to be escaped
+ *
+ * @return the resulting string
+ */
+ private String escapeXML(String input)
+ {
+ StringBuilder escapedXML = new StringBuilder();
+ for (int i = 0; i < input.length(); i++)
+ {
+ char c = input.charAt(i);
+ switch (c)
+ {
+ case '<':
+ escapedXML.append("<");
+ break;
+ case '>':
+ escapedXML.append(">");
+ break;
+ case '\"':
+ escapedXML.append(""");
+ break;
+ case '&':
+ escapedXML.append("&");
+ break;
+ case '\'':
+ escapedXML.append("'");
+ break;
+ default:
+ if (c > 0x7e)
+ {
+ escapedXML.append("&#" + ((int) c) + ";");
+ }
+ else
+ {
+ escapedXML.append(c);
+ }
+ }
+ }
+ return escapedXML.toString();
+ }
}
Propchange: pdfbox/branches/1.8/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFField.java
------------------------------------------------------------------------------
--- svn:mergeinfo (added)
+++ svn:mergeinfo Sun Nov 2 14:46:37 2014
@@ -0,0 +1 @@
+/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFField.java:1460370,1460372,1461796,1465163,1465217,1465266,1465359-1465360,1465366,1467638,1468195,1469999,1470107,1470242,1476795,1477806,1478472,1479136,1479287,1480000,1480030,1484089,1484277,1484547,1485771,1485781,1486337,1486413,1486423,1486440,1487557,1488049,1490022-1490023,1490408,1493503,1494083,1495799,1495802-1495803,1497532,1504210,1504214,1505737,1509187,1512367,1512433,1512661,1515101,1515165,1515905,1517273,1517281,1517288,1519174,1521194,1528826,1528833,1530018,1530740,1535953,1535956,1536136,1536173,1536441,1536463,1537287,1538191,1538203,1538222,1538341,1538371,1538394-1538395,1540801,1540811,1541625,1541714,1541987,1542291,1542780,1544789,1544806,1544818,1544972,1544977,1548387,1548394,1549022,1549025,1549027,1551220,1552521,1552533,1552552,1553017,1553175,1553220,1554632,1554774,1554792,1554845,1555186,1555345,1555550,1557339,1557374,1557546,1557553,1557561,1557793,1558205,1558570,1561095,156119
1,1563199,1563210,1563215,1563426,1563429,1564846,1588736,1598655,1598885,1599016,1599656,1599786,1601144,1601451,1631169,1636140