Swiftdiff options
| -rw-r--r-- | Swiften/Serializer/XML/UnitTest/XMLElementTest.cpp | 7 | ||||
| -rw-r--r-- | Swiften/Serializer/XML/XMLElement.cpp | 17 | ||||
| -rw-r--r-- | Swiften/Serializer/XML/XMLElement.h | 1 |
3 files changed, 18 insertions, 7 deletions
diff --git a/Swiften/Serializer/XML/UnitTest/XMLElementTest.cpp b/Swiften/Serializer/XML/UnitTest/XMLElementTest.cpp index ed3f8ab..ce6d7fa 100644 --- a/Swiften/Serializer/XML/UnitTest/XMLElementTest.cpp +++ b/Swiften/Serializer/XML/UnitTest/XMLElementTest.cpp | |||
| @@ -65,6 +65,13 @@ class XMLElementTest : public CppUnit::TestFixture | |||
| 65 | 65 | ||
| 66 | CPPUNIT_ASSERT_EQUAL(std::string("<foo myatt=\"\"/>"), testling.serialize()); | 66 | CPPUNIT_ASSERT_EQUAL(std::string("<foo myatt=\"\"/>"), testling.serialize()); |
| 67 | } | 67 | } |
| 68 | |||
| 69 | void testEscape_SpecialAttributeCharacters() { | ||
| 70 | auto testling = XMLElement::escapeAttributeValue(R"(<"'&>not escaped.)"); | ||
| 71 | |||
| 72 | CPPUNIT_ASSERT_EQUAL(std::string("<"'&>not escaped."), testling); | ||
| 73 | } | ||
| 74 | |||
| 68 | }; | 75 | }; |
| 69 | 76 | ||
| 70 | CPPUNIT_TEST_SUITE_REGISTRATION(XMLElementTest); | 77 | CPPUNIT_TEST_SUITE_REGISTRATION(XMLElementTest); |
diff --git a/Swiften/Serializer/XML/XMLElement.cpp b/Swiften/Serializer/XML/XMLElement.cpp index f2397ca..7515061 100644 --- a/Swiften/Serializer/XML/XMLElement.cpp +++ b/Swiften/Serializer/XML/XMLElement.cpp | |||
| @@ -39,14 +39,17 @@ std::string XMLElement::serialize() { | |||
| 39 | return result; | 39 | return result; |
| 40 | } | 40 | } |
| 41 | 41 | ||
| 42 | std::string XMLElement::escapeAttributeValue(std::string value) { | ||
| 43 | String::replaceAll(value, '&', "&"); | ||
| 44 | String::replaceAll(value, '<', "<"); | ||
| 45 | String::replaceAll(value, '>', ">"); | ||
| 46 | String::replaceAll(value, '\'', "'"); | ||
| 47 | String::replaceAll(value, '"', """); | ||
| 48 | return value; | ||
| 49 | } | ||
| 50 | |||
| 42 | void XMLElement::setAttribute(const std::string& attribute, const std::string& value) { | 51 | void XMLElement::setAttribute(const std::string& attribute, const std::string& value) { |
| 43 | std::string escapedValue(value); | 52 | attributes_[attribute] = escapeAttributeValue(value); |
| 44 | String::replaceAll(escapedValue, '&', "&"); | ||
| 45 | String::replaceAll(escapedValue, '<', "<"); | ||
| 46 | String::replaceAll(escapedValue, '>', ">"); | ||
| 47 | String::replaceAll(escapedValue, '\'', "'"); | ||
| 48 | String::replaceAll(escapedValue, '"', """); | ||
| 49 | attributes_[attribute] = escapedValue; | ||
| 50 | } | 53 | } |
| 51 | 54 | ||
| 52 | void XMLElement::addNode(std::shared_ptr<XMLNode> node) { | 55 | void XMLElement::addNode(std::shared_ptr<XMLNode> node) { |
diff --git a/Swiften/Serializer/XML/XMLElement.h b/Swiften/Serializer/XML/XMLElement.h index 54de041..db74626 100644 --- a/Swiften/Serializer/XML/XMLElement.h +++ b/Swiften/Serializer/XML/XMLElement.h | |||
| @@ -21,6 +21,7 @@ namespace Swift { | |||
| 21 | 21 | ||
| 22 | XMLElement(const std::string& tag, const std::string& xmlns = "", const std::string& text = ""); | 22 | XMLElement(const std::string& tag, const std::string& xmlns = "", const std::string& text = ""); |
| 23 | 23 | ||
| 24 | static std::string escapeAttributeValue(std::string value); | ||
| 24 | void setAttribute(const std::string& attribute, const std::string& value); | 25 | void setAttribute(const std::string& attribute, const std::string& value); |
| 25 | void addNode(std::shared_ptr<XMLNode> node); | 26 | void addNode(std::shared_ptr<XMLNode> node); |
| 26 | 27 | ||