Swiftdiff options
| -rw-r--r-- | Swiften/Serializer/XML/UnitTest/XMLElementTest.cpp | 7 | ||||
| -rw-r--r-- | Swiften/Serializer/XML/XMLElement.cpp | 17 | ||||
| -rw-r--r-- | Swiften/Serializer/XML/XMLElement.h | 1 |
3 files changed, 18 insertions, 7 deletions
diff --git a/Swiften/Serializer/XML/UnitTest/XMLElementTest.cpp b/Swiften/Serializer/XML/UnitTest/XMLElementTest.cpp index ed3f8ab..ce6d7fa 100644 --- a/Swiften/Serializer/XML/UnitTest/XMLElementTest.cpp +++ b/Swiften/Serializer/XML/UnitTest/XMLElementTest.cpp @@ -59,12 +59,19 @@ class XMLElementTest : public CppUnit::TestFixture CPPUNIT_ASSERT_EQUAL(std::string("<foo myatt=\"<"'&>\"/>"), testling.serialize()); } void testSerialize_EmptyAttributeValue() { XMLElement testling("foo"); testling.setAttribute("myatt", ""); CPPUNIT_ASSERT_EQUAL(std::string("<foo myatt=\"\"/>"), testling.serialize()); } + + void testEscape_SpecialAttributeCharacters() { + auto testling = XMLElement::escapeAttributeValue(R"(<"'&>not escaped.)"); + + CPPUNIT_ASSERT_EQUAL(std::string("<"'&>not escaped."), testling); + } + }; CPPUNIT_TEST_SUITE_REGISTRATION(XMLElementTest); diff --git a/Swiften/Serializer/XML/XMLElement.cpp b/Swiften/Serializer/XML/XMLElement.cpp index f2397ca..7515061 100644 --- a/Swiften/Serializer/XML/XMLElement.cpp +++ b/Swiften/Serializer/XML/XMLElement.cpp @@ -33,26 +33,29 @@ std::string XMLElement::serialize() { } result += "</" + tag_ + ">"; } else { result += "/>"; } return result; } +std::string XMLElement::escapeAttributeValue(std::string value) { + String::replaceAll(value, '&', "&"); + String::replaceAll(value, '<', "<"); + String::replaceAll(value, '>', ">"); + String::replaceAll(value, '\'', "'"); + String::replaceAll(value, '"', """); + return value; +} + void XMLElement::setAttribute(const std::string& attribute, const std::string& value) { - std::string escapedValue(value); - String::replaceAll(escapedValue, '&', "&"); - String::replaceAll(escapedValue, '<', "<"); - String::replaceAll(escapedValue, '>', ">"); - String::replaceAll(escapedValue, '\'', "'"); - String::replaceAll(escapedValue, '"', """); - attributes_[attribute] = escapedValue; + attributes_[attribute] = escapeAttributeValue(value); } void XMLElement::addNode(std::shared_ptr<XMLNode> node) { if (node) { childNodes_.push_back(node); } } } diff --git a/Swiften/Serializer/XML/XMLElement.h b/Swiften/Serializer/XML/XMLElement.h index 54de041..db74626 100644 --- a/Swiften/Serializer/XML/XMLElement.h +++ b/Swiften/Serializer/XML/XMLElement.h @@ -15,18 +15,19 @@ #include <Swiften/Serializer/XML/XMLNode.h> namespace Swift { class SWIFTEN_API XMLElement : public XMLNode { public: typedef std::shared_ptr<XMLElement> ref; XMLElement(const std::string& tag, const std::string& xmlns = "", const std::string& text = ""); + static std::string escapeAttributeValue(std::string value); void setAttribute(const std::string& attribute, const std::string& value); void addNode(std::shared_ptr<XMLNode> node); virtual std::string serialize(); private: std::string tag_; std::map<std::string, std::string> attributes_; std::vector< std::shared_ptr<XMLNode> > childNodes_; |