pdfbox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From le...@apache.org
Subject svn commit: r1636140 - /pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFField.java
Date Sun, 02 Nov 2014 14:45:09 GMT
Author: lehmi
Date: Sun Nov  2 14:45:09 2014
New Revision: 1636140

URL: http://svn.apache.org/r1636140
Log:
PDFBOX-2419: escape special characters

Modified:
    pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFField.java

Modified: pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFField.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFField.java?rev=1636140&r1=1636139&r2=1636140&view=diff
==============================================================================
--- pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFField.java (original)
+++ pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFField.java Sun Nov
 2 14:45:09 2014
@@ -122,14 +122,21 @@ public class FDFField implements COSObje
     {
         output.write( "<field name=\"" + getPartialFieldName() + "\">\n");
         Object value = getValue();
-        if( value != null )
+        if( value != null)
         {
-            output.write( "<value>" + value + "</value>\n" );
+            if (value instanceof String)
+            {
+                output.write( "<value>" + escapeXML((String)value) + "</value>\n"
);
+            }
+            else if (value instanceof PDTextStream)
+            {
+                output.write( "<value>" + escapeXML(((PDTextStream)value).getAsString())
+ "</value>\n" );
+            }
         }
         PDTextStream rt = getRichText();
         if( rt != null )
         {
-            output.write( "<value-richtext>" + rt.getAsString() + "</value-richtext>\n"
);
+            output.write( "<value-richtext>" + escapeXML(rt.getAsString()) + "</value-richtext>\n"
);
         }
         List<FDFField> kids = getKids();
         if( kids != null )
@@ -743,4 +750,48 @@ public class FDFField implements COSObje
     {
         field.setItem( COSName.RV, rv );
     }
+    
+    /**
+     * Escape special characters.
+     * 
+     * @param input the string to be escaped
+     * 
+     * @return the resulting string
+     */
+    private String escapeXML(String input)
+    {
+        StringBuilder escapedXML = new StringBuilder();
+        for (int i = 0; i < input.length(); i++)
+        {
+            char c = input.charAt(i);
+            switch (c)
+            {
+            case '<':
+                escapedXML.append("&lt;");
+                break;
+            case '>':
+                escapedXML.append("&gt;");
+                break;
+            case '\"':
+                escapedXML.append("&quot;");
+                break;
+            case '&':
+                escapedXML.append("&amp;");
+                break;
+            case '\'':
+                escapedXML.append("&apos;");
+                break;
+            default:
+                if (c > 0x7e)
+                {
+                    escapedXML.append("&#" + ((int) c) + ";");
+                }
+                else
+                {
+                    escapedXML.append(c);
+                }
+            }
+        }
+        return escapedXML.toString();
+    }
 }



Mime
View raw message