Uploaded image for project: 'XWiki Commons'
  1. XWiki Commons
  2. XCOMMONS-1893

HTML cleaner breaks attributes with encoded XML

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Solved By
    • Affects Version/s: 12.1
    • Fix Version/s: None
    • Component/s: XML
    • Labels:
    • Tests:
      Unit
    • Development Priority:
      High
    • Difficulty:
      Unknown
    • Documentation:
      N/A
    • Documentation in Release Notes:
      N/A
    • Similar issues:

      Description

      The following test added to DefaultHTMLCleanerTest shows the problem:

      @Test
      public void preserveDoubleEscapingInAttributes() throws Exception
      {
          assertHTML("<div foo=\"&amp;quot;\">content</div>",
              "<div foo=\"&amp;quot;\">content</div>");
      }
      

      The HTML cleaner should preserve the double XML encoding in attribute values (the use case being attributes with XML value). Right now the following:

      <div foo="&amp;quot;">content</div>
      

      ends up as:

      <div foo="&quot;">content</div>
      

      which breaks any code that tries to parse the XML from the attribute value later on..

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              surli Simon Urli
              Reporter:
              mflorea Marius Dumitru Florea
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Date of First Response: