Uploaded image for project: 'Subversion'
  1. Subversion
  2. SVN-3553

mod_dav_svn not XML-escaping hook error messages

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.6.x
    • 1.7.0
    • mod_dav_svn
    • None

    Description

      If a post-revprop-change script fails and outputs an error message that includes
      XML mark-up characters such as '&' and '<', and sends it to the client over DAV
      (RA-neon or RA-serf), the client does not see that message but instead sees an
      error message about invalid XML.
      
      The server should escape the special characters before embedding the text into
      an XML document, but it does not.
      
      Reported by David Trombley in
      <http://svn.haxx.se/users/archive-2007-05/0016.shtml> (version 1.4.3 (r23084),
      ra_dav /w neon 0.25.5), and by Jon Foster in
      <http://svn.haxx.se/dev/archive-2009-12/0300.shtml> (version 1.6.6, ra_dav).
      

      Attachments

        Activity

          People

            Unassigned Unassigned
            julianfoad Julian Foad
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: