Invalid XML

I am getting several orders with Credit card payment declined: SGS-020003: Invalid XML. When I look into these orders they all have a product with a text field attribute on them that has a < symbol in it. Orders without the symbol process fine. I know that there is already a function to remove ampersands and single quotes from the xml, this seems like a simple oversight.

Comments

bkosborne’s picture

Comment #1

English

New Jersey, USA

commented 30 March 2011 at 22:31

Thanks for bringing this up... I will add to the cleansing function

Log in or register to post comments

bkosborne’s picture

Comment #2

English

New Jersey, USA

commented 31 March 2011 at 02:36

Status:

Active

» Fixed

This has been fixed in Git.

Log in or register to post comments

Comment #3

14 April 2011 at 02:41

Status:

Fixed

» Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

Log in or register to post comments

Comment #4

jrust commented 10 May 2011 at 00:17

Status:

Closed (fixed)

» Active

This actually breaks everything by escaping all < and >.

Log in or register to post comments

Comment #5

jrust commented 10 May 2011 at 00:19

Status:

Active

» Fixed

Only escaping the notes field now which is the only place that should have user-input characters that could break the xml.

Log in or register to post comments

bkosborne’s picture

Comment #6

English

New Jersey, USA

commented 10 May 2011 at 00:20

Wow... can't believe I did that one lol... Thanks

Log in or register to post comments

Comment #7

24 May 2011 at 00:22

Status:

Fixed

» Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

Log in or register to post comments