Note: Still looking into this; it may simply be a case where really the user needs to know to escape these characters. In that case, it would at least be nice to issue a warning, if not perform the escaping automatically.
This is similar to #56 but not really about signing. The problem here is that passing a valid DN (see also RFC4514 and MSDN LDAP reference) as the publisher string can result in an invalid appxmanifest.xml file.
The cause of this appears to be the template rendering code here since it does not performance any escaping / sanitizing. Rather than attempt to modify that code to handle these cases, my suggestion would be to use an existing solution like _.template since this project is already using some lodash functionality.
Note: Still looking into this; it may simply be a case where really the user needs to know to escape these characters. In that case, it would at least be nice to issue a warning, if not perform the escaping automatically.
This is similar to #56 but not really about signing. The problem here is that passing a valid DN (see also RFC4514 and MSDN LDAP reference) as the publisher string can result in an invalid
appxmanifest.xml
file.The cause of this appears to be the template rendering code here since it does not performance any escaping / sanitizing. Rather than attempt to modify that code to handle these cases, my suggestion would be to use an existing solution like
_.template
since this project is already using somelodash
functionality.