XmlLayout allows output of invalid control characters.
Reported by Mike Blake-Knox with additional comments from Curt Arnold.
The XmlLayout encodes the character 0x1e as using the standard XML numeric character reference.
This character code is in a range which is not allowed to appear in XML 1.0 either as a un-encoded value or as a numeric character reference.
The valid character ranges are defined here in the XML recommendation:
Numeric character references are not able to express characters from outside these ranges.
The System.Xml.XmlTextWriter does not verify if the unicode character is valid in XML, but it does encode it as a numeric character reference if it cannot be expressed in the output encoding.
To complicate matters further XML 1.1 does allow further, so called restricted characters, to be included in the output if they are encoded as numeric character references. These ranges are:
See http://www.w3.org/TR/2004/REC-xml11-20040204/#charsets for details.