vanitasvitae
/
Smack
mirror of https://github.com/vanitasvitae/Smack.git
1
0
Fork 0
Code Issues Releases Wiki Activity

SMACK-375 Properly escape Strings in DiscoverInfo and DiscoverItems for XML. 

git-svn-id: http://svn.igniterealtime.org/svn/repos/smack/trunk@13417 b35dd754-fafc-0310-a699-88a17e54d16e
This commit is contained in:
Florian Schmaus 2013-01-31 22:30:36 +00:00 committed by flow
parent 401c37bd28
commit a75d2d7d0d
2 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
source/org/jivesoftware/smackx/packet/DiscoverInfo.java
View File

@ -21,6 +21,7 @@
package org.jivesoftware.smackx.packet;
import org.jivesoftware.smack.packet.IQ;
import org.jivesoftware.smack.util.StringUtils;
import java.util.Collections;
import java.util.Iterator;
@ -135,7 +136,7 @@ public class DiscoverInfo extends IQ {
buf.append("<query xmlns=\"http://jabber.org/protocol/disco#info\"");
if (getNode() != null) {
buf.append(" node=\"");
buf.append(getNode());
buf.append(StringUtils.escapeForXML(getNode()));
buf.append("\"");
}
buf.append(">");
@ -222,10 +223,10 @@ public class DiscoverInfo extends IQ {
public String toXML() {
StringBuilder buf = new StringBuilder();
buf.append("<identity category=\"").append(category).append("\"");
buf.append(" name=\"").append(name).append("\"");
buf.append("<identity category=\"").append(StringUtils.escapeForXML(category)).append("\"");
buf.append(" name=\"").append(StringUtils.escapeForXML(name)).append("\"");
if (type != null) {
buf.append(" type=\"").append(type).append("\"");
buf.append(" type=\"").append(StringUtils.escapeForXML(type)).append("\"");
}
buf.append("/>");
return buf.toString();
@ -262,8 +263,8 @@ public class DiscoverInfo extends IQ {
public String toXML() {
StringBuilder buf = new StringBuilder();
buf.append("<feature var=\"").append(variable).append("\"/>");
buf.append("<feature var=\"").append(StringUtils.escapeForXML(variable)).append("\"/>");
return buf.toString();
}
}
}
}

11
source/org/jivesoftware/smackx/packet/DiscoverItems.java
View File

@ -21,6 +21,7 @@
package org.jivesoftware.smackx.packet;
import org.jivesoftware.smack.packet.IQ;
import org.jivesoftware.smack.util.StringUtils;
import java.util.Collections;
import java.util.Iterator;
@ -94,7 +95,7 @@ public class DiscoverItems extends IQ {
buf.append("<query xmlns=\"http://jabber.org/protocol/disco#items\"");
if (getNode() != null) {
buf.append(" node=\"");
buf.append(getNode());
buf.append(StringUtils.escapeForXML(getNode()));
buf.append("\"");
}
buf.append(">");
@ -222,16 +223,16 @@ public class DiscoverItems extends IQ {
StringBuilder buf = new StringBuilder();
buf.append("<item jid=\"").append(entityID).append("\"");
if (name != null) {
buf.append(" name=\"").append(name).append("\"");
buf.append(" name=\"").append(StringUtils.escapeForXML(name)).append("\"");
}
if (node != null) {
buf.append(" node=\"").append(node).append("\"");
buf.append(" node=\"").append(StringUtils.escapeForXML(node)).append("\"");
}
if (action != null) {
buf.append(" action=\"").append(action).append("\"");
buf.append(" action=\"").append(StringUtils.escapeForXML(action)).append("\"");
}
buf.append("/>");
return buf.toString();
}
}
}
}