ret += it->second;
ret += ';';
}
- else if (*x < 32 || *x > 126)
+ else if (*x == 0x09 || *x == 0x0A || *x == 0x0D || ((*x >= 0x20) && (*x <= 0x7e)))
{
- int n = (unsigned char)*x;
- ret += ("&#" + ConvToStr(n) + ";");
+ // The XML specification defines the following characters as valid inside an XML document:
+ // Char ::= #x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | [#x10000-#x10FFFF]
+ ret += *x;
}
else
{
- ret += *x;
+ // If we reached this point then the string contains characters which can
+ // not be represented in XML, even using a numeric escape. Therefore, we
+ // Base64 encode the entire string and wrap it in a CDATA.
+ ret.clear();
+ ret += "<![CDATA[";
+ ret += BinToBase64(str);
+ ret += "]]>";
+ break;
}
}
return ret;
Channel* c = a->second;
data << "<channel>";
- data << "<usercount>" << c->GetUsers()->size() << "</usercount><channelname>" << c->name << "</channelname>";
+ data << "<usercount>" << c->GetUsers()->size() << "</usercount><channelname>" << Sanitize(c->name) << "</channelname>";
data << "<channeltopic>";
data << "<topictext>" << Sanitize(c->topic) << "</topictext>";
data << "<setby>" << Sanitize(c->setby) << "</setby>";
data << "<server>";
data << "<servername>" << b->servername << "</servername>";
data << "<parentname>" << b->parentname << "</parentname>";
- data << "<gecos>" << b->gecos << "</gecos>";
+ data << "<gecos>" << Sanitize(b->gecos) << "</gecos>";
data << "<usercount>" << b->usercount << "</usercount>";
// This is currently not implemented, so, commented out.
// data << "<opercount>" << b->opercount << "</opercount>";
projects / user / henk / code / inspircd.git / blobdiff