Closed Limesior closed 1 year ago
Hello, i am currently working on a project using xml2js. I am trying to uodate to the 0.5.0 version to fix the CVE-2023-0842. I am currently facing some regressions.
Sample of the XML we are using in our testing:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <RegisterSearch TotalResultsOnPage="13" TotalResults="13" TotalPages="1" PageSize="100" CurrentPage="1"> <SearchResults> <Document DocumentId="1348828088811869309"> </Document> </SearchResults> </RegisterSearch>
This is the expected result (0.4.22):
{ RegisterSearch: { '$': { TotalResultsOnPage: '13', TotalResults: '13', TotalPages: '1', PageSize: '100', CurrentPage: '1' }, SearchResults: [ [Object] ] } }
This is the result in 0.5.0 :
[Object: null prototype] { RegisterSearch: [Object: null prototype] { '$': [Object: null prototype] { TotalResultsOnPage: '13', TotalResults: '13', TotalPages: '1', PageSize: '100', CurrentPage: '1' }, SearchResults: [ [Object: null prototype] ] } }
The only way we found to work around this problem is this dirty solution :
const parser = new Parser(options); let convert = await parser.parseStringPromise(data); return (JSON.parse(JSON.stringify(convert)));
I have set up a stackblitz for you to test. Thanks in advance !
Yes, this is due to the change to fix a CVE. There is a PR to fix this in a more compatible way.
Oh great ! I will wait for the merge then, thank you
I've released 0.6.0, this should fix the issue.
Hello, i am currently working on a project using xml2js. I am trying to uodate to the 0.5.0 version to fix the CVE-2023-0842. I am currently facing some regressions.
Sample of the XML we are using in our testing:
This is the expected result (0.4.22):
This is the result in 0.5.0 :
The only way we found to work around this problem is this dirty solution :
I have set up a stackblitz for you to test. Thanks in advance !