php-ups-api icon indicating copy to clipboard operation
php-ups-api copied to clipboard
verified publisher icon gabrielbull

Address can not contain "&" character

Open Nemo64 opened this issue 2 years ago • 0 comments

When I try to book something, using this SDK, that has the & character in the name, like a company "example GmbH & Co. KG", then I get the following error:

DOMDocument::createElement(): unterminated entity reference

So that means, all the createElement calls that have a value directly given can throw this error.
I build a small demo: https://onlinephp.io?s=s7EvyCjg5eLlUknJT1awVchLLVdw8fd1yU8uzU3NK9HQtAZK5eWnpALlQEp07ZKLUhNLUl1zUsHyShW5OUo6CkoZiTk5-QpqCuWpOSVKYE1gxYkFBal5Kc4ZmTkpGmBjQFKpyRn5UMOKE8tSI3x9gNYAAA%2C%2C&v=8.2.7

I looked though the source code and that way of setting the value of an xml node is used a lot. All of these have this potential escaping issue.

Nemo64 avatar Jun 22 '23 11:06 Nemo64