commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ingmar Kliche (JIRA)" <j...@apache.org>
Subject [jira] Updated: (SCXML-76) Serialization of expressions may produce invalid XML
Date Thu, 17 Jul 2008 12:25:31 GMT

     [ https://issues.apache.org/jira/browse/SCXML-76?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Ingmar Kliche updated SCXML-76:
-------------------------------


Here is a simple test case:

    public void testSerializeTransition() {
    	Transition t = new Transition();
    	
    	t.setCond("i < 3");
    	
    	String actualValue = " <transition cond=\"i &lt; 3\">\n </transition>\n";
    	
    	StringBuffer returnValue = new StringBuffer();
    	SCXMLSerializer.serializeTransition(returnValue, t, " ");
    	
    	assertEquals(actualValue, returnValue.toString());
    }


> Serialization of expressions may produce invalid XML
> ----------------------------------------------------
>
>                 Key: SCXML-76
>                 URL: https://issues.apache.org/jira/browse/SCXML-76
>             Project: Commons SCXML
>          Issue Type: Bug
>    Affects Versions: 0.8
>            Reporter: Ingmar Kliche
>
> The SCXMLSerializer does not escape expression strings. With an EcmaScript evaluator
the following may occur:
> original document:
> <transition event="foo" cond="i &lt; 3" target="bar">
> the serialized document will be:
> <transition event="foo" cond="i < 3" target="bar">
> which is ill-formed XML. The serializer would need to escape the condition string. This
applies to all places where expressions may occur.
> Apache commons-lang has a StringEscapeUtil.escapeXML(String data) function which would
solve the problem (I don't know if it would help for all cases). But using this would add
another dependency to commons-scxml.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message