terencehonles
commented
3 years ago It looks like this is not an oversight (and what I figured might be the case), but it looks like ">" "may" be escaped https://www.w3.org/TR/xml/#NT-AttValue
Open sbaramov opened 4 years ago
terencehonles
commented
3 years ago It looks like this is not an oversight (and what I figured might be the case), but it looks like ">" "may" be escaped https://www.w3.org/TR/xml/#NT-AttValue
Currently the XmlSerializer does not escapes the '>' characters so a string like this:
<x id="START_ITALIC_TEXT" ctype="x-i" equiv-text="<i>"/>becomes<x id="START_ITALIC_TEXT" ctype="x-i" equiv-text="<i>"/>This could easily be fixed by changing line 164 and 168 to include the '>' character
this:
return buf.push(' ', attrNode.name, '="', attrNode.value.replace(/[<&"]/g, this._xmlEncoder), '"');becomes:return buf.push(' ', attrNode.name, '="', attrNode.value.replace(/[<>&"]/g, this._xmlEncoder), '"');same with line 168:
return buf.push(textNode.data.replace(/[<&]/g, this._xmlEncoder));becomes:return buf.push(textNode.data.replace(/[<>&]/g, this._xmlEncoder));Since the change is so small did not feel like creating a pull request. However if you prefer a pull request I will be glad to create one