greco: escape XML illegal characters (#32681)
This commit is contained in:
parent
7fcf7d082e
commit
b312381a75
|
@ -15,6 +15,7 @@
|
|||
|
||||
import base64
|
||||
import json
|
||||
import re
|
||||
|
||||
from email import encoders
|
||||
from email.mime.audio import MIMEAudio
|
||||
|
@ -39,6 +40,14 @@ from passerelle.soap import sudsobject_to_dict
|
|||
from .formdata import FormData, CREATION_SCHEMA, list_schema_fields
|
||||
|
||||
|
||||
# taken from https://lsimons.wordpress.com/2011/03/17/stripping-illegal-characters-out-of-xml-in-python/
|
||||
_illegal_xml_chars_RE = re.compile(u'[\x00-\x08\x0b\x0c\x0e-\x1F\uD800-\uDFFF\uFFFE\uFFFF]')
|
||||
|
||||
|
||||
def escape_xml_illegal_chars(val, replacement='?'):
|
||||
return _illegal_xml_chars_RE.sub(replacement, val)
|
||||
|
||||
|
||||
class ParameterTypeError(Exception):
|
||||
http_status = 400
|
||||
log_error = False
|
||||
|
@ -55,6 +64,10 @@ def fill_sudsobject_with_dict(sudsobject, fields, prefix=None):
|
|||
else:
|
||||
if attr in fields:
|
||||
# sudsobject.foo.bar <- fields['foo_bar']
|
||||
field_value = fields[attr]
|
||||
# duck-type unicode/str
|
||||
if hasattr(field_value, 'isnumeric'):
|
||||
field_value = escape_xml_illegal_chars(field_value)
|
||||
setattr(sudsobject, key, fields[attr])
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue