Download & Extend
OpenSearch Plugin » Issues

xml encoding

Posted by mariuss on July 10, 2008 at 4:32pm
Project:OpenSearch Plugin
Version:6.x-1.x-dev
Component:Code
Category:bug report
Priority:critical
Assigned:Unassigned
Status:closed (fixed)

Issue Summary

When the XML output is generated various of pieces of information are plugged into an XML template. Not of this data is encoded and this can break the generated XML.

For example, if your site slogan contains something like " ", this ends up in the description and then in the XML output as is, but the & needs to be encoded.

Couple of issues here. When using Drupal variables you may want to scrub all HTML tags. Second, all content plugged into XML needs to be encoded.

Login or register to post comments

Comments

#1

Posted by mariuss on July 10, 2008 at 4:38pm

Here is the slogan example again: " "

#2

Posted by mariuss on July 11, 2008 at 12:47am

Attached a patch, against CVS version, branch of Drupal 5.

AttachmentSize
xmlescape.patch 1.08 KB

#3

Posted by Rob Loach on July 11, 2008 at 6:28pm
Version:5.x-1.1» 6.x-1.x-dev
Status:active» fixed

Thanks a lot, mariuss! Committed to both Drupal 5 and 6 branches.....
http://drupal.org/cvs?commit=126873
http://drupal.org/cvs?commit=126872

#4

Posted by Anonymous (not verified) on July 31, 2008 at 4:47am
Status:fixed» closed (fixed)

Automatically closed -- issue fixed for two weeks with no activity.