lucene-solr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erik Hatcher <e...@ehatchersolutions.com>
Subject XMLWriter escaping issue
Date Fri, 21 Apr 2006 13:49:08 GMT
I encountered an escaping issue with XMLWriter.  Locally I've added  
the following test to BasicFunctionalityTest to demonstrate:

   public void testXMLWriter() throws Exception {

     SolrQueryResponse rsp = new SolrQueryResponse();
     rsp.add("\"quoted\"", "value");

     StringWriter writer = new StringWriter(32000);
     XMLWriter.writeResponse(writer,req("foo"),rsp);

     System.out.println("writer.toString() = " + writer.toString());
     DocumentBuilder builder = DocumentBuilderFactory.newInstance 
().newDocumentBuilder();
     builder.parse(new ByteArrayInputStream
                              (writer.toString().getBytes("UTF-8")));
   }


Quotes within XML attributes cause invalid XML to be generated.

I've corrected this in my local copy with this patch adding the  
escaping to attribute names and the &quot; to XML.chardata_escapes.   
The question is, is it appropriate to escape quotes everywhere, or  
should it just be done when writing attribute values?  It should be  
fine to do it across the board for attribute values and element text,  
but I wanted to verify that with solr-dev before committing it.

Comments?

	Erik



Index: src/java/org/apache/solr/request/XMLWriter.java
===================================================================
--- src/java/org/apache/solr/request/XMLWriter.java     (revision  
395873)
+++ src/java/org/apache/solr/request/XMLWriter.java     (working copy)
@@ -178,7 +178,7 @@
      writer.write(tag);
      if (name!=null) {
        writer.write(" name=\"");
-      writer.write(name);
+      XML.escapeCharData(name, writer);
        if (closeTag) {
          writer.write("\"/>");
        } else {
Index: src/java/org/apache/solr/util/XML.java
===================================================================
--- src/java/org/apache/solr/util/XML.java      (revision 395873)
+++ src/java/org/apache/solr/util/XML.java      (working copy)
@@ -32,7 +32,7 @@
    // many chars less than 0x20 are *not* valid XML, even when escaped!
    // for example, <foo>&#0;<foo> is invalid XML.
    private static final String[] chardata_escapes=
-   
{"#0;","#1;","#2;","#3;","#4;","#5;","#6;","#7;","#8;",null,null,"#11;", 
"#12;",null,"#14;","#15;","#16;","#17;","#18;","#19;","#20;","#21;","#22 
;","#23;","#24;","#25;","#26;","#27;","#28;","#29;","#30;","#31;",null,n 
ull,null,null,null,null,"&amp;",null,null,null,null,null,null,null,null, 
null,null,null,null,null,null,null,null,null,null,null,null,null,"&lt;"} 
;
+   
{"#0;","#1;","#2;","#3;","#4;","#5;","#6;","#7;","#8;",null,null,"#11;", 
"#12;",null,"#14;","#15;","#16;","#17;","#18;","#19;","#20;","#21;","#22 
;","#23;","#24;","#25;","#26;","#27;","#28;","#29;","#30;","#31;",null,n 
ull,"&quot;",null,null,null,"&amp;",null,null,null,null,null,null,null,n 
ull,null,null,null,null,null,null,null,null,null,null,null,null,null,"&l 
t;"};


Mime
View raw message