bug 8726: escape ", ', &, <, > special chars in xml response

status 8726: resolved fixed
alena 2011-02-24 17:04:52 -08:00
parent 1372767685
commit 9e622c6a6c
1 changed files with 23 additions and 1 deletions


@ -164,7 +164,7 @@ public class ApiResponseSerializer {
}else if (fieldValue instanceof Date) {
sb.append("<" + serializedName.value() + ">" + BaseCmd.getDateString((Date)fieldValue) + "</" + serializedName.value() + ">");
} else {
sb.append("<" + serializedName.value() + ">" + fieldValue.toString() + "</" + serializedName.value() + ">");
sb.append("<" + serializedName.value() + ">" + escapeSpecialXmlChars(fieldValue.toString()) + "</" + serializedName.value() + ">");
}
}
} catch (IllegalArgumentException e) {
@ -222,4 +222,26 @@ public class ApiResponseSerializer {
return sb.toString();
}
private static String escapeSpecialXmlChars(String originalString) {
char[] origChars = originalString.toCharArray();
StringBuilder resultString = new StringBuilder();
for (char singleChar : origChars) {
if (singleChar == '"') {
resultString.append("&quot;");
} else if (singleChar == '\'') {
resultString.append("&apos;");
} else if (singleChar == '<') {
resultString.append("&lt;");
} else if (singleChar == '>') {
resultString.append("&gt;");
} else if (singleChar == '&') {
resultString.append("&amp;");
} else {
resultString.append(singleChar);
}
}
return resultString.toString();
}
}
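Review bot: escapeSpecialXmlChars passes control characters below 0x20 (other than tab, LF and CR) through unchanged, and XML 1.0 does not allow them even as character references, so a field value containing one still produces a response that conforming parsers reject. A branch ahead of the final else would cover it, for example `} else if (singleChar < 0x20 && singleChar != '\t' && singleChar != '\n' && singleChar != '\r') { /* not legal in XML 1.0: drop */ }`. The new helper is called only from the generic else branch in the first hunk; the rest of the serializer lies outside both hunks, so any other place that appends string data between tags should be checked for the same escaping. A short Javadoc on the helper would also help, such as `/** Escapes ", ', &, < and > so the value can be embedded as XML element text. */`.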