jindw/xmldom

Correct encode text

apronin83 opened this issue · 0 comments

apronin83 commented

You have incorrect coding of the text of the node and attribute.

Your code (dom.js):

function _xmlEncoder(c){
	return c == '<' && '&lt;' ||
         c == '>' && '&gt;' ||
         c == '&' && '&amp;' ||
         c == '"' && '&quot;' ||
         '&#'+c.charCodeAt()+';'
}

...

	case ATTRIBUTE_NODE:
		return buf.push(' ',node.name,'="',node.value.replace(/[<&"]/g,_xmlEncoder),'"');
	case TEXT_NODE:
		return buf.push(node.data.replace(/[<&]/g,_xmlEncoder));

My code (dom.js):

function _xmlEncoder(c) {
    return c == '<' && '&lt;' ||
        c == '>' && '&gt;' ||
        c == '&' && '&amp;' ||
        c == '"' && '&quot;' ||
        c == "'" && '&apos;';
}

...

	case ATTRIBUTE_NODE:
		return buf.push(' ',node.name,'="',node.value.replace(/[&"<>\']/g,_xmlEncoder),'"');
	case TEXT_NODE:
		return buf.push(node.data.replace(/[&"<>\']/g,_xmlEncoder));