[GROOVY-1306] MarkupBuilder does not escape strings with newlines - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.0-JSR-5
Fix Version/s: 1.0-RC-1
Component/s: None
Labels:
None
Environment:
sun JDK 1.5.0_05-b05. Ubuntu linux.

Description

element values and attributes are not escaped if they contain a newline.

This script:

import groovy.xml.MarkupBuilder

xml = new MarkupBuilder()

xml.body {
xml.text("not escaped: & < >\n & < >")
}

produces this output:

<body>
<text>not escaped: & < >
& < ></text>
</body>

if I remove the newline in the text I get the correct output:

// newline removed
import groovy.xml.MarkupBuilder

xml = new MarkupBuilder()

xml.body {
xml.text("not escaped: & < > & < >")
}

output:

<body>
<text>not escaped: & < > & < ></text>
</body>

I've worked around this by subclassing MarkupBuilder and calling org.apache.commons.lang.StringEscapeUtils.escapeHtml in transformValue. Similar escaping needs to be done in MarkupBuilder.

import org.apache.commons.lang.StringEscapeUtils;

class EscapingMarkupBuilder extends MarkupBuilder {
public EscapingMarkupBuilder(PrintWriter writer)

{ super(writer); }

// use alternate escaping to work around the bug.
protected String transformValue(String value)

{ return StringEscapeUtils.escapeHtml(value); }

}

Attachments

Activity

People

Assignee:: Guillaume Sauthier

Reporter:: Derek Young

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 03/May/06 08:36

Updated:: 09/Dec/06 09:28

Resolved:: 09/Dec/06 09:28