You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Me again! I've circled back to iterating on serialization and deserialization again, and I have a combo question/proposition for a PR. My project talks to a server which speaks an idiosyncratic dialect of XML in which, for example, proper unescape behavior is to map " to ` (backtick). Furthermore, this dialect of XML does not encode ' (single quote/apostrophe) , but it does escape " (double quote). As it is, the unescape method evaluates standard named entities before it evaluates custom entities, so I can't implement my unescape behavior. Furthermore, escape only offers partial_escape and escape, without offering a resolver. I am willing to throw together a PR, but since there are security issues involved I first wanted to poll for thoughts on the changes I'm proposing, which are:
Inunescape_with, reverse the order of the checks for resolver and named entities, allowing users to override standard XML unescapes.
Create an escape_with family of functions which allow this kind of customization going the other way.
EDIT: Just to make clear, since the previous issue I raised here I have abandoned the serde API and am hand-parsing my structs use Reader
The text was updated successfully, but these errors were encountered:
Hi all,
Me again! I've circled back to iterating on serialization and deserialization again, and I have a combo question/proposition for a PR. My project talks to a server which speaks an idiosyncratic dialect of XML in which, for example, proper unescape behavior is to map " to ` (backtick). Furthermore, this dialect of XML does not encode ' (single quote/apostrophe) , but it does escape " (double quote). As it is, the unescape method evaluates standard named entities before it evaluates custom entities, so I can't implement my unescape behavior. Furthermore, escape only offers
partial_escapeandescape, without offering a resolver. I am willing to throw together a PR, but since there are security issues involved I first wanted to poll for thoughts on the changes I'm proposing, which are:In
unescape_with, reverse the order of the checks for resolver and named entities, allowing users to override standard XML unescapes.Create an
escape_withfamily of functions which allow this kind of customization going the other way.EDIT: Just to make clear, since the previous issue I raised here I have abandoned the serde API and am hand-parsing my structs use
ReaderThe text was updated successfully, but these errors were encountered: