diff options
author | Alexandre Alapetite <alexandre@alapetite.fr> | 2012-07-30 13:55:26 +0400 |
---|---|---|
committer | Alexandre Alapetite <alexandre@alapetite.fr> | 2012-07-30 13:55:26 +0400 |
commit | b610464e80bbc59acd4cfcbcb6635e7d14404826 (patch) | |
tree | 6eb6b7e0753d009010df46190643a7ab109a4ce8 /mcs/class/Commons.Xml.Relaxng | |
parent | f73366555005cfad6bbb19f2ab432b0c15adbd0e (diff) |
Update mcs/class/Commons.Xml.Relaxng/Commons.Xml.Relaxng/XsdDatatypeProvider.cs
The text, which arrives decoded, must be escaped when manually concatenating strings aimed to be consumed by an XML reader.
For instance, if the original document to be validated contains
<a href="http://example.org/?a=1&b=2">fail</a>
then value will contain "http://example.org/?a=1&b=2"
and before the patch, that would have generated an exception.
I am not sure however, if the whole Parse() function works correctly.
In addition, the function is using XmlValidatingReader, which is deprecated.
Diffstat (limited to 'mcs/class/Commons.Xml.Relaxng')
-rw-r--r-- | mcs/class/Commons.Xml.Relaxng/Commons.Xml.Relaxng/XsdDatatypeProvider.cs | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/mcs/class/Commons.Xml.Relaxng/Commons.Xml.Relaxng/XsdDatatypeProvider.cs b/mcs/class/Commons.Xml.Relaxng/Commons.Xml.Relaxng/XsdDatatypeProvider.cs index 3a1e17a0007..311bb231728 100644 --- a/mcs/class/Commons.Xml.Relaxng/Commons.Xml.Relaxng/XsdDatatypeProvider.cs +++ b/mcs/class/Commons.Xml.Relaxng/Commons.Xml.Relaxng/XsdDatatypeProvider.cs @@ -212,6 +212,8 @@ namespace Commons.Xml.Relaxng.XmlSchema // simple-type based validation (since there is no // other way, because of sucky XmlSchemaSimpleType // design). + if (value != null) + value = value.Replace("&", "&").Replace("<", "<").Replace(">", ">"); XmlValidatingReader v = new XmlValidatingReader ( new XmlTextReader ( String.Concat ("<root>", value, "</root>"), |