New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
'<' and '>' are not escaped in attribute values #198
Comments
to produce well formed XML. > Well-formedness constraint: No `<` in Attribute Values > The replacement text of any entity referred to directly or indirectly in an attribute value must not contain a `<`. https://www.w3.org/TR/xml/#CleanAttrVals https://www.w3.org/TR/xml/#NT-AttValue fixes xmldom#198
@zy-serguei thx for reporting this. Just some details about why I didn't also add escaping for According to the specs I linked in the PR #199, the We are dealing with similar issues in the same way, see #58 . |
* fix: Escape `<` when serializing attribute values to produce well formed XML. > Well-formedness constraint: No `<` in Attribute Values > The replacement text of any entity referred to directly or indirectly in an attribute value must not contain a `<`. https://www.w3.org/TR/xml/#CleanAttrVals https://www.w3.org/TR/xml/#NT-AttValue fixes #198 Co-authored-by: Chris Brody <chris.brody+brodybits@gmail.com>
…1974) * bump xmldom to 0.6.0 to avoid bug where it keeps "<" in attributes see xmldom/xmldom#198 * add test which fails on version of 0.5.0 because of bad serialization * add valid entity serialization test * move serialization test down to serializer package instead of up at transformer level * better test name not referencing round trip Co-authored-by: Michael Belousov <MichaelBelousov@users.noreply.github.com>
…1974) * bump xmldom to 0.6.0 to avoid bug where it keeps "<" in attributes see xmldom/xmldom#198 * add test which fails on version of 0.5.0 because of bad serialization * add valid entity serialization test * move serialization test down to serializer package instead of up at transformer level * better test name not referencing round trip Co-authored-by: Michael Belousov <MichaelBelousov@users.noreply.github.com> (cherry picked from commit 97a229f) # Conflicts: # common/config/rush/pnpm-lock.yaml
…ackport #1974) (#1994) * bump xmldom to 0.6.0 to avoid bug where it keeps "<" in attributes (#1974) * bump xmldom to 0.6.0 to avoid bug where it keeps "<" in attributes see xmldom/xmldom#198 * add test which fails on version of 0.5.0 because of bad serialization * add valid entity serialization test * move serialization test down to serializer package instead of up at transformer level * better test name not referencing round trip Co-authored-by: Michael Belousov <MichaelBelousov@users.noreply.github.com> (cherry picked from commit 97a229f) # Conflicts: # common/config/rush/pnpm-lock.yaml * pushed merged pnpm-lock Co-authored-by: Michael Belousov <mike.belousov@bentley.com> Co-authored-by: Michael Belousov <MichaelBelousov@users.noreply.github.com>
…1974) * bump xmldom to 0.6.0 to avoid bug where it keeps "<" in attributes see xmldom/xmldom#198 * add test which fails on version of 0.5.0 because of bad serialization * add valid entity serialization test * move serialization test down to serializer package instead of up at transformer level * better test name not referencing round trip Co-authored-by: Michael Belousov <MichaelBelousov@users.noreply.github.com>
…1974) * bump xmldom to 0.6.0 to avoid bug where it keeps "<" in attributes see xmldom/xmldom#198 * add test which fails on version of 0.5.0 because of bad serialization * add valid entity serialization test * move serialization test down to serializer package instead of up at transformer level * better test name not referencing round trip Co-authored-by: Michael Belousov <MichaelBelousov@users.noreply.github.com>
Is there a way I can force escaping of |
@retorquere No, there is no such option at the moment. Please add any relevant information that is not already part of the discussion to #58, since this issue has already been closed. |
Serializer does not escape < and > characters in attribute values
const doc = new DOMParser().parseFromString('<a a="<>"/>');
const result = new XMLSerializer().serializeToString(doc);
result is
<a a="<>"/>
, which is invalid xmlThe text was updated successfully, but these errors were encountered: