search

michaelkourlas / node-js2xmlparser

Popular Node.js module for parsing JavaScript objects into XML
https://www.npmjs.org/package/js2xmlparser
Apache License 2.0
221 stars 52 forks source link

The library doesn't parse the 5 special characters properly #84

Closed kevincai79 closed 4 years ago

kevincai79 commented 4 years ago

The library doesn't parse 3 special characters for Single Quote('), Double Quote("), and Greater Than(>)

while it parses other 2 special characters Ampersand(&) and Less Than(<)

michaelkourlas commented 4 years ago

Can you provide an example demonstrating the problem?

kevincai79 commented 4 years ago

Thanks a lot for providing this great library, it makes much easier for us to create sitemaps with cleaner way.

Before using js2xmlparser, our data to create sitemaps had &amp; as & is one of the 5 special characters need to escape in XML. For example in our xml sitemap we wanted a url to be /customerService/info.do?id=someID&cs=track_your_order , our original data to create the url was /customerService/info.do?id=someID&amp;cs=track_your_order.

After using the library, by using the original data, we found the url at the source page became: /customerService/info.do?id=someID&amp;amp;cs=track_your_order which means & was parsed correctly. Therefore we changed all our original data &amp; to & which is great.

As there are other 4 special characters other than &, we tested them as well. Original data <, result is &lt; Original data >, result is > Original data ', result is ' Original data ", result is "

Conclusion: looks like the library parses & and <, but it doesn't parse >, ' and ".

michaelkourlas commented 4 years ago

The XML spec doesn't actually require that >, ', or " be escaped in all contexts, only in specific contexts. > has to be escaped in a CDATA terminator, while ' and " may have to be escaped in an attribute value.