It is necessary that strings are xml escaped, however title and subtitle are not escaped in feeds created by the atom module. If the site title contains "&", then the atom/feed will guaranteed to be invalid. This issue is a blocker for sites such as http://wso2.org (The patch is now applied).

The attached patch uses php built in function htmlentities function to encode the title and the subtitle.

CommentFileSizeAuthor
atom.module.patch1.11 KBmohanjith
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

mohanjith’s picture

Status: Active » Needs review
mohanjith’s picture

Assigned: mohanjith » Unassigned
deekayen’s picture

Status: Needs review » Fixed

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.