xml encoding

When the XML output is generated various of pieces of information are plugged into an XML template. Not of this data is encoded and this can break the generated XML.

For example, if your site slogan contains something like " ", this ends up in the description and then in the XML output as is, but the & needs to be encoded.

Couple of issues here. When using Drupal variables you may want to scrub all HTML tags. Second, all content plugged into XML needs to be encoded.

Comment	File	Size	Author
#2	xmlescape.patch	1.08 KB	mariuss

Comments

Comment #1

mariuss commented 10 July 2008 at 16:38

Here is the slogan example again: " "

Log in or register to post comments

Comment #2

mariuss commented 11 July 2008 at 00:47

Status	File	Size
new	xmlescape.patch	1.08 KB

Attached a patch, against CVS version, branch of Drupal 5.

Log in or register to post comments

robloach’s picture

Comment #3

he/him

commented 11 July 2008 at 18:28

Version:	5.x-1.1	» 6.x-1.x-dev
Status:	Active	» Fixed

Thanks a lot, mariuss! Committed to both Drupal 5 and 6 branches.....
http://drupal.org/cvs?commit=126873
http://drupal.org/cvs?commit=126872

Log in or register to post comments

Comment #4

Anonymous (not verified) commented 31 July 2008 at 04:47

Status:

Fixed

» Closed (fixed)

Automatically closed -- issue fixed for two weeks with no activity.

Log in or register to post comments