xmldom icon indicating copy to clipboard operation
xmldom copied to clipboard

Published 20 hours ago verified publisher icon jindw

Encode ">" to > during serialization

Open private-face opened this issue 12 years ago • 10 comments

Symbol ">" is not properly encoded during serialization.

Test code:

var xmldom = require('xmldom');
var domparser = new xmldom.DOMParser;
var xmlserializer = new xmldom.XMLSerializer;

var dom = domparser.parseFromString('<node attr="&lt;&gt;">&lt;&gt;</node>');
var s = xmlserializer.serializeToString(dom);
console.log(s);

// outputs '<node attr="&lt;>">&lt;></node>'

private-face avatar Dec 31 '12 10:12 private-face

thanks it is not required

<node attr="1 &lt; 2 &amp;&amp; 2 > 1 "> &lt;> </node>

is well-formed xml

jindw avatar Dec 31 '12 10:12 jindw

Created foo.xml using this source.

<node attr="1 &lt; 2 && 2 > 1 ">
&lt;> 
</node>

Ran it through xmllint.

$ xmllint foo.xml 
foo.xml:1: parser error : xmlParseEntityRef: no name
<node attr="1 &lt; 2 && 2 > 1 ">
                      ^
foo.xml:1: parser error : xmlParseEntityRef: no name
<node attr="1 &lt; 2 && 2 > 1 ">

bigeasy avatar Dec 31 '12 10:12 bigeasy

to: bigeasy

hi, you are so fast always . ^_^

it's my fault, && is valid but > is well-formed

i think we need a config about whether the '>' is encoded; In order to meet everyone's taste:)

jindw avatar Dec 31 '12 10:12 jindw

I don't have an opinion. I might have had an opinion at the time of #25, but not today. With XML, valid is valid.

Is your primary objection that you don't want to rewrite your tests to expect an encoded >, or is it that you prefer to leave them unencoded as a matter of style?

bigeasy avatar Dec 31 '12 10:12 bigeasy

In the beginning, because of my lazy, as your said, keep it as a style is also good.

But I worry about this style may give the user some trouble.

For example: can't pass the tests.

jindw avatar Dec 31 '12 10:12 jindw

Yes, I was wrong, well-formed XML doesn't require escaping ">" inside character data.

i think we need a config about whether the '>' is encoded; In order to meet everyone's taste:)

However, at least Gecko and Webkit implementations of XMLSerializer do escape ">", so adding such option would be great not only for meeting everyone's taste but for better compatibility with browser javascript :)

private-face avatar Dec 31 '12 10:12 private-face

Note that escaping of ">" is required in attribute values but not in character data.

heycam avatar Jan 01 '13 02:01 heycam

Confirmed. We had issue when the serialized XML is parsed by .NET serializer.

sonkanit avatar Nov 13 '13 09:11 sonkanit

+1 for this. Not all XML validators are okay with '>'. Any chance of merging this soon?

omriyariv avatar Jan 19 '15 19:01 omriyariv

  • for this! Did the same fix locally but to be production safe i need to do a manual replace of >. Can you merge this soon!

ediri avatar Jun 24 '16 11:06 ediri