x/clouddocs-maven-plugin
Code Issues Proposed changes

Make sure to escape parameter values since they are pass as XML attributes

Browse Source
This commit is contained in:
Sam Harwell
2013-08-23 08:43:02 -05:00
parent d6f3b64982
commit a042ff1e06
1 changed files with 14 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/main/java/com/rackspace/cloud/api/docs/CalabashHelper.java
View File

@@ -51,9 +51,9 @@ public class CalabashHelper {
strBuff strBuff
.append("<c:param name=\"") .append("<c:param name=\"")
.append(entry.getKey()) .append(escapeXmlAttribute(entry.getKey()))
.append("\" namespace=\"\" value=\"") .append("\" namespace=\"\" value=\"")
.append(rawValue) .append(escapeXmlAttribute(rawValue))
.append("\"/>"); .append("\"/>");
} }
} }
@@ -74,6 +74,18 @@ public class CalabashHelper {
return sources.get(0); return sources.get(0);
} }
private static String escapeXmlAttribute(String value) {
if (value == null) {
return "";
}
return value
.replace("&", "&amp;")
.replace("\"", "&quot;")
.replace("'", "&apos;")
.replace("%", "&#37;");
}
/** /**
* Creates a {@link Source} for use in a Calabash pipeline. * Creates a {@link Source} for use in a Calabash pipeline.
* *