From cdaf657ffbbab5dffa83b17c140fd68497ad82fc Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer Date: Fri, 9 May 2025 23:02:32 +0200 Subject: [PATCH] html: Don't escape < and > when serializing attribute values Align with HTML5. This will break some test suites. --- entities.c | 24 ++++++++---------------- result/HTML/attr-ents.html | 2 +- result/HTML/chunked_attr.html | 2 +- result/HTML/lt.html | 2 +- result/HTML/script.html | 2 +- result/HTML/utf8bug.html | 2 +- 6 files changed, 13 insertions(+), 21 deletions(-) diff --git a/entities.c b/entities.c index 7606f0d0b..418b337f8 100644 --- a/entities.c +++ b/entities.c @@ -611,18 +611,21 @@ xmlEscapeText(const xmlChar *text, int flags) { xmlChar *out; const xmlChar *unescaped; size_t size = 50; + int isHtmlAttr = 0; buffer = xmlMalloc(size + 1); if (buffer == NULL) return(NULL); out = buffer; + if ((flags & XML_ESCAPE_HTML) && (flags & XML_ESCAPE_ATTR)) + isHtmlAttr = 1; + cur = text; unescaped = cur; while (*cur != '\0') { char buf[12]; - const xmlChar *end; const xmlChar *repl; size_t used; size_t replSize; @@ -649,21 +652,10 @@ xmlEscapeText(const xmlChar *text, int flags) { chunkSize = 0; repl = BAD_CAST ""; replSize = 0; - } else if (c == '<') { - /* - * Special handling of server side include in HTML attributes - */ - if ((flags & XML_ESCAPE_HTML) && (flags & XML_ESCAPE_ATTR) && - (cur[1] == '!') && (cur[2] == '-') && (cur[3] == '-') && - ((end = xmlStrstr(cur, BAD_CAST "-->")) != NULL)) { - chunkSize = (end - cur) + 3; - repl = cur; - replSize = chunkSize; - } else { - repl = BAD_CAST "<"; - replSize = 4; - } - } else if (c == '>') { + } else if ((c == '<') && (!isHtmlAttr)) { + repl = BAD_CAST "<"; + replSize = 4; + } else if ((c == '>') && (!isHtmlAttr)) { repl = BAD_CAST ">"; replSize = 4; } else if (c == '&') { diff --git a/result/HTML/attr-ents.html b/result/HTML/attr-ents.html index a88fe1d9c..0a649c512 100644 --- a/result/HTML/attr-ents.html +++ b/result/HTML/attr-ents.html @@ -3,6 +3,6 @@ link link -link +link diff --git a/result/HTML/chunked_attr.html b/result/HTML/chunked_attr.html index 2fd71a6e3..fff9afd23 100644 --- a/result/HTML/chunked_attr.html +++ b/result/HTML/chunked_attr.html @@ -40,7 +40,7 @@ Filler bytes follow: 800 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 123456789 xxx

-
+
diff --git a/result/HTML/lt.html b/result/HTML/lt.html index c29f74f7b..e5d00333f 100644 --- a/result/HTML/lt.html +++ b/result/HTML/lt.html @@ -1,6 +1,6 @@ - + diff --git a/result/HTML/script.html b/result/HTML/script.html index 5b95a1f3b..0fc25952e 100644 --- a/result/HTML/script.html +++ b/result/HTML/script.html @@ -5,6 +5,6 @@ - + diff --git a/result/HTML/utf8bug.html b/result/HTML/utf8bug.html index b497aa618..922128c7b 100644 --- a/result/HTML/utf8bug.html +++ b/result/HTML/utf8bug.html @@ -43,7 +43,7 @@ درباره من - + RSS