You are viewing a plain text version of this content. The canonical link for it is here.
Posted to xmlrpc-dev@ws.apache.org by Jim Redman <ji...@ergotech.com> on 2002/02/28 20:39:00 UTC
Fwd: DO NOT REPLY [Bug 6763] New: - XMLWriter doesn't escape enough characters [bugzilla@apache.org]
Is the server supposed to escape these? If you put "<p>" in a returned
value it is not escaped.
Jim
On 2002.02.28 12:13:55 -0700 bugzilla@apache.org wrote:
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6763>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6763
XMLWriter doesn't escape enough characters
Summary: XMLWriter doesn't escape enough characters
Product: XML-RPC
Version: unspecified
Platform: PC
OS/Version: Windows NT/2K
Status: NEW
Severity: Normal
Priority: Other
Component: Source
AssignedTo: rpc-dev@xml.apache.org
ReportedBy: aaron@alum.mit.edu
org.apache.xmlrpc.XmlRpc$XMLWriter.chardata escapes the characters &, <,
and >
in strings passed as arguments to execute(). If the string contains other
characters that are not allowed in XML, then the XmlRpcServer fails with a
SAXParseException on the other side of the wire. In the example I
encountered,
the string contained the character 0x05, which should probably be escaped
as
. (I have worked around this by adding my own pass over the
argument
strings before calling execute, but this is obviously not ideal.)
Please feel free to contact me for more information.
Aaron Goodisman
aaron@alum.mit.edu
--
Jim Redman
(505) 662 5156
http://www.ergotech.com