Opened 5 years ago

Closed 4 years ago

#6657 closed defect (worksforme)

XML special symbols in ticket content lead to invalid XML in response

Reported by: fazend Owned by: osimons
Priority: high Component: XmlRpcPlugin
Severity: major Keywords: XML
Cc: Trac Release: 0.11


When a ticket content has & (for example), than the ticket.get() call will return an XML, which is invalid.

I suppose we should parse such symbols and convert them to proper XML entities.

Attachments (0)

Change History (2)

comment:1 Changed 4 years ago by osimons

I have a feeling this happens on the client side, and your library don't encode the received data back as it should before passing using it in new xml. At the server-side we use xmlrpclib to do this, and it works like this:

>>> from xmlrpclib import dumps, loads
>>> dumps(('1 & 2',))
'<params>\n<param>\n<value><string>1 &amp; 2</string></value>\n</param>\n</params>\n'
>>> loads('<params>\n<param>\n<value><string>1 &amp; 2</string></value>\n</param>\n</params>\n')
(('1 & 2',), None)

So, before passing the content back you need to be sure it gets encoded by your client / library of choice. The server expects this to be encoded. I'm not sure what the error message on server is (haven't tested) but we could likely add a test for this just to see what happens :-)

comment:2 Changed 4 years ago by osimons

  • Resolution set to worksforme
  • Status changed from new to closed

In [9262] I've added a functional test for this too, and I can see nothing wrong in the RPC implementation - or accessing it using Python xmlrpclib. This must be an issue with some other client library.

Add Comment

Modify Ticket

as closed .
The resolution will be deleted. Next status will be 'reopened'.

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.