summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlpsolit%gmail.com <>2008-12-30 02:38:48 +0100
committerlpsolit%gmail.com <>2008-12-30 02:38:48 +0100
commit032b9593468a41cb6911f4f4e3eaebdfa2fb0ad9 (patch)
tree15600f0aba7bd72870a6e69620d82fec07bb4a52
parent0497adba3d30f423c05af6cefbaa6fe90a8aa4bd (diff)
downloadbugzilla-032b9593468a41cb6911f4f4e3eaebdfa2fb0ad9.tar.gz
bugzilla-032b9593468a41cb6911f4f4e3eaebdfa2fb0ad9.tar.xz
Bug 105960: xml.cgi generates invalid XML - Patch by Kip Hampton <khampton@totalcinema.com> r/a=mkanat
-rw-r--r--Bugzilla/Util.pm10
1 files changed, 10 insertions, 0 deletions
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm
index a8ba2d81c..982e34c93 100644
--- a/Bugzilla/Util.pm
+++ b/Bugzilla/Util.pm
@@ -201,6 +201,16 @@ sub xml_quote {
$var =~ s/>/\&gt;/g;
$var =~ s/\"/\&quot;/g;
$var =~ s/\'/\&apos;/g;
+
+ # the following nukes characters disallowed by the XML 1.0
+ # spec, Production 2.2. 1.0 declares that only the following
+ # are valid:
+ # (#x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | [#x10000-#x10FFFF])
+ $var =~ s/([\x{0001}-\x{0008}]|
+ [\x{000B}-\x{000C}]|
+ [\x{000E}-\x{0019}]|
+ [\x{D800}-\x{DFFF}]|
+ [\x{FFFE}-\x{FFFF}])//gx;
return $var;
}