-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Text should be escaped as it's being parsed into XML files #972
Comments
I believe I am having this same issue. |
I can confirm that this is the issue I am having. I wrapped the data in |
Great, that means I'm not alone. I couldn't easily find the place in the code where to change this, I hope one of the contributors can do that! |
Confirm - I am having the same issue with setValue() in TemplateProcessor. Temporary solution - wrap string data in htmlentities(). |
If you first call Settings::setOutputEscapingEnabled(true); The xml entities will get escaped. |
In at least the
Section::addText()
function, data is not being escaped properly. Adding text that would be considered invalid in XML will result in a corrupt Word output file.In the following example the unescaped ampersand is causing the corruption.
Opening the resulting file will result in a parsing error.
The solution would be to auto-escape all text added through
addText()
functions. Possibly other functions as wellThe text was updated successfully, but these errors were encountered: