search

Leonidas-from-XIV / node-xml2js

XML to JavaScript object converter.
MIT License
4.84k stars 596 forks source link

Regressions when trying to update to 0.5.0 #677

Closed Limesior closed 1 year ago

Limesior commented 1 year ago

Hello, i am currently working on a project using xml2js. I am trying to uodate to the 0.5.0 version to fix the CVE-2023-0842. I am currently facing some regressions.

Sample of the XML we are using in our testing:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RegisterSearch TotalResultsOnPage="13" TotalResults="13" TotalPages="1" PageSize="100" CurrentPage="1">
    <SearchResults>
        <Document DocumentId="1348828088811869309">
</Document>
</SearchResults>
</RegisterSearch>

This is the expected result (0.4.22):

{
  RegisterSearch: {
    '$': {
      TotalResultsOnPage: '13',
      TotalResults: '13',
      TotalPages: '1',
      PageSize: '100',
      CurrentPage: '1'
    },
    SearchResults: [ [Object] ]
  }
}

This is the result in 0.5.0 :

[Object: null prototype] {
  RegisterSearch: [Object: null prototype] {
    '$': [Object: null prototype] {
      TotalResultsOnPage: '13',
      TotalResults: '13',
      TotalPages: '1',
      PageSize: '100',
      CurrentPage: '1'
    },
    SearchResults: [ [Object: null prototype] ]
  }
}

The only way we found to work around this problem is this dirty solution :

const parser = new Parser(options);
let convert = await parser.parseStringPromise(data);
return (JSON.parse(JSON.stringify(convert)));

I have set up a stackblitz for you to test. Thanks in advance !

Leonidas-from-XIV commented 1 year ago

Yes, this is due to the change to fix a CVE. There is a PR to fix this in a more compatible way.

Limesior commented 1 year ago

Oh great ! I will wait for the merge then, thank you

Leonidas-from-XIV commented 1 year ago

I've released 0.6.0, this should fix the issue.