Entity reference causes DocumentFragment to lowercase attribute names #961

bhollis · 2013-08-25T07:41:43Z

Using Nokogiri 1.6.0 on Ruby 2.0.0p0 (OSX)

require 'nokogiri'

xml = '<foo>
<svg viewBox="0 0 30 16"/>
Hey what?
</foo>'

bad_xml = '<foo>
<svg viewBox="0 0 30 16"/>
Hey &otimes; what?
</foo>'

d = Nokogiri::XML::Document.new
frag = Nokogiri::XML::DocumentFragment.new(d, xml, d)
bad_frag = Nokogiri::XML::DocumentFragment.new(d, bad_xml, d)
puts "GOOD: #{frag.to_s}"
puts "BAD: #{bad_frag.to_s}"

parse = Nokogiri::XML::DocumentFragment.parse(bad_xml)
puts "BONUS: #{parse.to_s}"

This prints:

GOOD: <foo>
<svg viewBox="0 0 30 16"/>
Hey what?
</foo>
BAD: <foo><svg viewbox="0 0 30 16"/>
Hey &#x2297; what?
</foo>
BONUS: <foo>
<svg viewBox="0 0 30 16"/>
Hey  what?
</foo>

What's happening here is that adding the &otimes; reference causes the document fragment to lowercase the viewBox attribute!

As a bonus, if I use the normal DocumentFragment.parse method, I just don't get any entity at all.

It's important to use an "uncommon" entity reference - stuff like & or → doesn't trigger this bug.

The text was updated successfully, but these errors were encountered:

bhollis · 2013-08-31T05:22:02Z

More weirdness:

bad_xml = '<foo>
<svg viewBox="0 0 30 16"/>
Hey &otimes; what?
</foo>'

bad_xml_with_doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<foo>
<svg viewBox="0 0 30 16"/>
Hey &otimes; what?
</foo>'

puts "With DOCTYPE"
puts Nokogiri::XML(bad_xml_with_doctype).root.to_xml

puts "But not as a Fragment:"
puts Nokogiri::XML(bad_xml_with_doctype).fragment(bad_xml).to_xml

Produces:

With DOCTYPE
<foo>
<svg viewBox="0 0 30 16"/>
Hey &otimes; what?
</foo>
But not as a Fragment:
<foo><svg viewbox="0 0 30 16"/>
Hey &#x2297; what?
</foo>

So even when I have a nice document parsed with a doctype, creating a fragment off that lowercases the attributes!

stadelmanma · 2018-03-05T13:00:53Z

Was this ever determined to be a bug or expected behavior? Since needing to add .gsub(/&(?!amp;)/, '&') in odd places doesn't seem like a good fix to me.

Without this Nokogiri will downcase the attributes for some reason which I assume must be expected behavior since the issue hasn't been fixed. Issue Reference: sparklemotion/nokogiri#961

This appears to be needed due to a long standing bug in nokogiri, see commits below. All '&' now get replaced with '&'. * Escape all ampersands in relationship nodes with '&' Without this Nokogiri will downcase the attributes for some reason which I assume must be expected behavior since the issue hasn't been fixed. Issue Reference: sparklemotion/nokogiri#961 * Update HTML insertion integration test This test ensures URL get their ampeersands escaped correctly without interfering with ones that are already escaped.

flavorjones · 2022-01-06T18:54:58Z

This is fixed on main by 38c2f16, see #1158 for a related bug report and additional context. This will be fixed in the next release of Nokogiri, v1.13.0 (sometime in the next few days).

bhollis mentioned this issue Aug 25, 2013

Switch to generating HTML ourselves bhollis/maruku#99

Closed

stadelmanma mentioned this issue Mar 5, 2018

Exporting an a Tag with & character in the href the exported file is corrupted senny/sablon#94

Closed

flavorjones closed this as completed Jan 6, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Entity reference causes DocumentFragment to lowercase attribute names #961

Entity reference causes DocumentFragment to lowercase attribute names #961

bhollis commented Aug 25, 2013

bhollis commented Aug 31, 2013

stadelmanma commented Mar 5, 2018

flavorjones commented Jan 6, 2022

Entity reference causes DocumentFragment to lowercase attribute names #961

Entity reference causes DocumentFragment to lowercase attribute names #961

Comments

bhollis commented Aug 25, 2013

bhollis commented Aug 31, 2013

stadelmanma commented Mar 5, 2018

flavorjones commented Jan 6, 2022