search

usnistgov / xslt-blender

XML/XSLT processing in the browser, supported by a Typescript library
Other
7 stars 2 forks source link

JSON reader fails on unescaped '<' or '&' #62

Closed wendellpiez closed 2 months ago

wendellpiez commented 1 year ago

The function currently does not escape open markup delimiters when writing contents, hence the literal XML written by the object-scraper comes out unreadable.

Solution is to regex/replace < and & in string content with their escaped forms, to represent them as literals.

A simple object for testing:

{ "key": "tiny bitto JSON < & >" }

comes out

<map xmlns="http://www.w3.org/2005/xpath-functions">
   <string key="key">tiny bitto JSON &lt; &amp; ></string>
</map>

Note the > is a red herring - it does not need to be escaped.

wendellpiez commented 1 year ago

when obj is a string --

obj.replaceAll('&','&amp;').replaceAll('<','&lt;')

goes around line 61 or so of json-reader.html.

wendellpiez commented 2 months ago

Apparently already dealt with - we can reopen if not.