commons-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Aust <>
Subject [betwixt] XMLUtils must not escape '&' from bodyValue
Date Tue, 25 Jan 2005 11:03:54 GMT

it is true that XMLUtils should escape '<' and '>' from bodyValues since 
those values are likely to break the wellformedness of the generated XML.

However, if a value contains the string "&copy; Apache" it must not 
double-escape that ampersand here. Easy workaround was to comment out 
lines 281-285 from, maybe this fix could be incorporated 
into next releases? Best regards,

-  Christian

p.s.: In fact, the escaper should check if the string following the 
ampersand is an allowed entity. On the other hand, I feel that betwixt 
shouldn't do any value escaping at all - this should be the applications 
responsibility. Just my $.02...


Christian Aust
icq: 84500990 - Yahoo!: datenimperator - MSN: datenimperator
PGP: A94E 0181 664D 27E3 F05A  A751 6A7E 90D1 A0A3 DEC7

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message