Peter N. Lundblad wrote on 01/26/2005 12:29 PM:
> On Wed, 26 Jan 2005, Julian Foad wrote:
>
>
>>Julian Foad wrote:
>>
>>>VK Sameer wrote:
>>>
>>>> SVN_ERR( dav_svn__send_xml(lrb->bb, lrb->output,
>>>> "<D:comment>%s</D:comment>" DEBUG_CR,
>>>>- apr_xml_quote_string(pool, msg, 0)) );
>>>>+ svn_xml_fuzzy_escape (
>>>>+ apr_xml_quote_string (pool, msg, 0),
>>>>+ pool)) );
>>>
>>>No. You should strip control characters before you XML-quote it,
>>>otherwise you are relying on (1) your function producing validly quoted
>>>XML (which it may do at present but is not documented to do), and (2)
>>>the XML-quoting function accepting and passing through control
>>>characters (which such a function need not be expected to do).
>>
>>(2)
>>Now I'm confused about what you are escaping. You are escaping all ASCII
>>control characters (as defined by svn_ctype_iscntrl). That includes valid XML
>>characters CR, LF and TAB. Shouldn't you be escaping only non-XML control
>>characters?
>>
>
> And non-ASCII invalid XML characters as well (in the future, when we have
> functions to convert to Unicode scalars). Could you design the function so
> it can be extended for that later? (Thinking of the API, not the
> implementation.)
>
Sorry, Peter, I don't think I understood.
Unless you mean accepting a set of bytes instead of a single char?
Regards
Sameer
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Jan 28 13:19:33 2005