Skip Menu |
 

This queue is for tickets about the XML-Twig CPAN distribution.

Report information
The Basics
Id: 57389
Status: resolved
Priority: 0/
Queue: XML-Twig

People
Owner: Nobody in particular
Requestors: k.tchernov [...] gmail.com
Cc:
AdminCc:

Bug Information
Severity: Important
Broken in: 3.34
Fixed in: 3.35



Subject: Comments are not escaped
Download (untitled) / with headers
text/plain 260b
XML comments should not contain "--", Twig does not escape this sequence. If a comment field contains this value the generated XML is invalid. Steps to reproduce: my $el = XML::Twig::Elt->new('#COMMENT' => 'A -- B'); $el->print; output is: <!--A -- B-->
Subject: Re: [rt.cpan.org #57389] Comments are not escaped
Date: Wed, 12 May 2010 10:50:56 +0200
To: bug-XML-Twig [...] rt.cpan.org
From: mirod <xmltwig [...] gmail.com>
Download (untitled) / with headers
text/plain 756b
On 05/11/2010 10:45 PM, Konstantin Tchernov via RT wrote: Show quoted text
> Tue May 11 16:45:06 2010: Request 57389 was acted upon. > Transaction: Ticket created by ktchernov > Queue: XML-Twig > Subject: Comments are not escaped > Broken in: 3.34 > Severity: Important > Owner: Nobody > Requestors: k.tchernov@gmail.com > Status: new > Ticket<URL: https://rt.cpan.org/Ticket/Display.html?id=57389> > > > XML comments should not contain "--", Twig does not escape this sequence. > If a comment field contains this value the generated XML is invalid. > > Steps to reproduce: > > my $el = XML::Twig::Elt->new('#COMMENT' => 'A -- B'); > > $el->print; > > output is: > > <!--A -- B-->
Duh! Thanks, patch is on its way. -- mirod
From: k.tchernov [...] gmail.com
On Wed May 12 04:50:56 2010, xmltwig@gmail.com wrote: Show quoted text
> On 05/11/2010 10:45 PM, Konstantin Tchernov via RT wrote:
> > Tue May 11 16:45:06 2010: Request 57389 was acted upon. > > Transaction: Ticket created by ktchernov > > Queue: XML-Twig > > Subject: Comments are not escaped > > Broken in: 3.34 > > Severity: Important > > Owner: Nobody > > Requestors: k.tchernov@gmail.com > > Status: new > > Ticket<URL: https://rt.cpan.org/Ticket/Display.html?id=57389> > > > > > > XML comments should not contain "--", Twig does not escape this
sequence. Show quoted text
> > If a comment field contains this value the generated XML is invalid. > > > > Steps to reproduce: > > > > my $el = XML::Twig::Elt->new('#COMMENT' => 'A -- B'); > > > > $el->print; > > > > output is: > > > > <!--A -- B-->
> > Duh! > > Thanks, patch is on its way. >
I've got one more case for you, if the comment ends with "-" then the XML also gets broken: XML::Twig::Elt->new('#COMMENT' => 'A -')->print(); will give you a: "<!--A --->", which is also invalid.
Subject: Re: [rt.cpan.org #57389] Comments are not escaped
Date: Wed, 12 May 2010 23:02:27 +0200
To: bug-XML-Twig [...] rt.cpan.org
From: mirod <xmltwig [...] gmail.com>
Download (untitled) / with headers
text/plain 1.3k
On 05/12/2010 10:54 PM, Konstantin Tchernov via RT wrote: Show quoted text
> Queue: XML-Twig > Ticket<URL: https://rt.cpan.org/Ticket/Display.html?id=57389> > > On Wed May 12 04:50:56 2010, xmltwig@gmail.com wrote:
>> On 05/11/2010 10:45 PM, Konstantin Tchernov via RT wrote:
>>> Tue May 11 16:45:06 2010: Request 57389 was acted upon. >>> Transaction: Ticket created by ktchernov >>> Queue: XML-Twig >>> Subject: Comments are not escaped >>> Broken in: 3.34 >>> Severity: Important >>> Owner: Nobody >>> Requestors: k.tchernov@gmail.com >>> Status: new >>> Ticket<URL: https://rt.cpan.org/Ticket/Display.html?id=57389> >>> >>> >>> XML comments should not contain "--", Twig does not escape this
> sequence.
>>> If a comment field contains this value the generated XML is invalid. >>> >>> Steps to reproduce: >>> >>> my $el = XML::Twig::Elt->new('#COMMENT' => 'A -- B'); >>> >>> $el->print; >>> >>> output is: >>> >>> <!--A -- B-->
>> >> Duh! >> >> Thanks, patch is on its way. >>
> > I've got one more case for you, if the comment ends with "-" then the > XML also gets broken: > > XML::Twig::Elt->new('#COMMENT' => 'A -')->print(); > > will give you a: "<!--A --->", which is also invalid. >
Same if the comment starts with a single '-'. The development version at xmltwig.com/xmltwig/ is fixed. I will release a new version on CPAN this week. -- michel


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.