Bug 105960: xml.cgi generates invalid XML - Patch by Kip Hampton <khampton@totalcinem...

author lpsolit%gmail.com <>

Tue, 30 Dec 2008 01:38:48 +0000 (01:38 +0000)

committer lpsolit%gmail.com <>

Tue, 30 Dec 2008 01:38:48 +0000 (01:38 +0000)
author lpsolit%gmail.com <>
Tue, 30 Dec 2008 01:38:48 +0000 (01:38 +0000)
committer lpsolit%gmail.com <>
Tue, 30 Dec 2008 01:38:48 +0000 (01:38 +0000)
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm

index a8ba2d81c333c4e85b6826932e7954b99722455c..982e34c9321f72ee9bc6da294f29622e588060da 100644 (file)
--- a/Bugzilla/Util.pm
+++ b/Bugzilla/Util.pm
@@ -201,6 +201,16 @@ sub xml_quote {
      $var =~ s/>/\&gt;/g;
      $var =~ s/\"/\&quot;/g;
      $var =~ s/\'/\&apos;/g;
+    
+    # the following nukes characters disallowed by the XML 1.0
+    # spec, Production 2.2. 1.0 declares that only the following 
+    # are valid:
+    # (#x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | [#x10000-#x10FFFF])
+    $var =~ s/([\x{0001}-\x{0008}]|
+               [\x{000B}-\x{000C}]|
+               [\x{000E}-\x{0019}]|
+               [\x{D800}-\x{DFFF}]|
+               [\x{FFFE}-\x{FFFF}])//gx;
      return $var;
  }
author	lpsolit%gmail.com <>
	Tue, 30 Dec 2008 01:38:48 +0000 (01:38 +0000)
committer	lpsolit%gmail.com <>
	Tue, 30 Dec 2008 01:38:48 +0000 (01:38 +0000)