[vlc-commits] httprequests.lua: handle fields unsuitable for XML tag names
Pierre Ynard
git at videolan.org
Mon Aug 31 20:46:01 CEST 2020
vlc | branch: master | Pierre Ynard <linkfanel at yahoo.fr> | Mon Aug 31 20:43:24 2020 +0200| [3fadb90cb312af1f8904c052317bad90b0db47cb] | committer: Pierre Ynard
httprequests.lua: handle fields unsuitable for XML tag names
Table keys that would be invalid as XML tag names are instead passed
as the name attribute. This is a bit of a breaking change as it was
possible instead to abuse the key field to set arbitrary XML attributes
on the tag (whose syntactic validity then wasn't checked), or even to
inject extra XML code; however no in-tree user did that.
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=3fadb90cb312af1f8904c052317bad90b0db47cb
---
share/lua/intf/modules/httprequests.lua | 21 ++++++++-------------
1 file changed, 8 insertions(+), 13 deletions(-)
diff --git a/share/lua/intf/modules/httprequests.lua b/share/lua/intf/modules/httprequests.lua
index bff81f3464..db648b2c38 100644
--- a/share/lua/intf/modules/httprequests.lua
+++ b/share/lua/intf/modules/httprequests.lua
@@ -246,10 +246,14 @@ local printXmlKeyValue = function (k,v,indent)
print("\n")
for i=1,indent do print(" ") end
if (k) then
- if not tonumber(k) then
- print("<"..k..">")
+ --XML element naming rules: this is a bit more conservative
+ --than it strictly needs to be
+ if not string.match(k, "^[a-zA-Z_][a-zA-Z0-9_%-%.]*$")
+ or string.match(k, "^[xX][mM][lL]") then
+ print('<element name="'..xmlString(k)..'">')
+ k = "element"
else
- print("<entry_"..k..">")
+ print("<"..k..">")
end
end
@@ -260,16 +264,7 @@ local printXmlKeyValue = function (k,v,indent)
end
if (k) then
- xs=xmlString(k)
- space_loc=string.find(xs," ")
- if space_loc == nil then
- xs=string.sub(xs,1,space_loc)
- end
- if not tonumber(xs) then
- print("</"..xs..">")
- else
- print("</entry_"..xs..">")
- end
+ print("</"..k..">")
end
end
More information about the vlc-commits
mailing list