Modify

Opened 14 years ago

Closed 13 years ago

#6657 closed defect (worksforme)

XML special symbols in ticket content lead to invalid XML in response

Reported by: fazend Owned by: osimons
Priority: high Component: XmlRpcPlugin
Severity: major Keywords: XML
Cc: Trac Release: 0.11

Description

When a ticket content has & (for example), than the ticket.get() call will return an XML, which is invalid.

I suppose we should parse such symbols and convert them to proper XML entities.

Attachments (0)

Change History (2)

comment:1 Changed 13 years ago by osimons

I have a feeling this happens on the client side, and your library don't encode the received data back as it should before passing using it in new xml. At the server-side we use xmlrpclib to do this, and it works like this:

>>> from xmlrpclib import dumps, loads
>>> dumps(('1 & 2',))
'<params>\n<param>\n<value><string>1 &amp; 2</string></value>\n</param>\n</params>\n'
>>> loads('<params>\n<param>\n<value><string>1 &amp; 2</string></value>\n</param>\n</params>\n')
(('1 & 2',), None)

So, before passing the content back you need to be sure it gets encoded by your client / library of choice. The server expects this to be encoded. I'm not sure what the error message on server is (haven't tested) but we could likely add a test for this just to see what happens :-)

comment:2 Changed 13 years ago by osimons

Resolution: worksforme
Status: newclosed

In [9262] I've added a functional test for this too, and I can see nothing wrong in the RPC implementation - or accessing it using Python xmlrpclib. This must be an issue with some other client library.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain osimons.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.