search

rust-syndication / rss

Library for serializing the RSS web content syndication format
https://crates.io/crates/rss
Apache License 2.0
429 stars 53 forks source link

`]]>` in `CDATA` is not escaped #173

Closed Turbo87 closed 2 days ago

Turbo87 commented 5 days ago

In https://github.com/rust-syndication/rss/issues/167 it was clarified that no manual escaping of fields should be needed and that the description will be wrapped in a CDATA section for escaping purposes.

According to https://en.wikipedia.org/wiki/CDATA#Nesting ]]> in a CDATA section needs to be encoded as ]]]]><![CDATA[> to not accidentally close the CDATA section.

When I'm putting my test string ("let's try & break this <item> ]]>, shall we?") into the description field however, I currently see this in the output:

<description><![CDATA[let's try & break this <item> ]]>, shall we?]]></description>
Turbo87 commented 5 days ago

I've now also reported this at https://github.com/tafia/quick-xml/issues/831 to clarify who is supposed to take care of the escaping in this case.