Currently the XmlSerializer does not escapes the '>' characters so a string like this:
<x id="START_ITALIC_TEXT" ctype="x-i" equiv-text="<i>"/>
becomes
<x id="START_ITALIC_TEXT" ctype="x-i" equiv-text="<i>"/>
This could easily be fixed by changing line 164 and 168 to include the '>' character
same with line 168:
return buf.push(textNode.data.replace(/[<&]/g, this._xmlEncoder));
becomes:
return buf.push(textNode.data.replace(/[<>&]/g, this._xmlEncoder));
Since the change is so small did not feel like creating a pull request. However if you prefer a pull request I will be glad to create one
It looks like this is not an oversight (and what I figured might be the case), but it looks like ">" "may" be escaped https://www.w3.org/TR/xml/#NT-AttValue
Currently the XmlSerializer does not escapes the '>' characters so a string like this:
<x id="START_ITALIC_TEXT" ctype="x-i" equiv-text="<i>"/>
becomes<x id="START_ITALIC_TEXT" ctype="x-i" equiv-text="<i>"/>
This could easily be fixed by changing line 164 and 168 to include the '>' character
this:
return buf.push(' ', attrNode.name, '="', attrNode.value.replace(/[<&"]/g, this._xmlEncoder), '"');
becomes:return buf.push(' ', attrNode.name, '="', attrNode.value.replace(/[<>&"]/g, this._xmlEncoder), '"');
same with line 168:
return buf.push(textNode.data.replace(/[<&]/g, this._xmlEncoder));
becomes:return buf.push(textNode.data.replace(/[<>&]/g, this._xmlEncoder));
Since the change is so small did not feel like creating a pull request. However if you prefer a pull request I will be glad to create one