summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorThorvald Natvig <slicer@users.sourceforge.net>2009-10-20 11:31:02 (GMT)
committerOlivier Goffart <ogoffart@trolltech.com>2009-10-28 09:24:25 (GMT)
commitde7de35082ec21d506a90e68cb30888540ec64cc (patch)
tree096c1a70d50d8ebe7f09dc737f9e8a19c8260190 /src
parent08e5bae295204ac0cadc1dda6c7a01599f66a2bb (diff)
downloadQt-de7de35082ec21d506a90e68cb30888540ec64cc.zip
Qt-de7de35082ec21d506a90e68cb30888540ec64cc.tar.gz
Qt-de7de35082ec21d506a90e68cb30888540ec64cc.tar.bz2
Fix XML entities in QTextDocument::toHtml()
If a QTextDocument contains an anchor with a & in it, this & is not escaped in the toHtml() function, meaning the resulting document can't be parsed as XML as it will contain invalid entities. Reviewed-by: Olivier Goffart Merge-request: 1753
Diffstat (limited to 'src')
-rw-r--r--src/gui/text/qtextdocument.cpp33
1 files changed, 26 insertions, 7 deletions
diff --git a/src/gui/text/qtextdocument.cpp b/src/gui/text/qtextdocument.cpp
index a8956b8..17981e3 100644
--- a/src/gui/text/qtextdocument.cpp
+++ b/src/gui/text/qtextdocument.cpp
@@ -168,6 +168,25 @@ QString Qt::escape(const QString& plain)
return rich;
}
+static QString escapeXml(const QString &plain)
+{
+ QString rich;
+ rich.reserve(int(plain.length() * 1.1));
+ for (int i = 0; i < plain.length(); ++i) {
+ if (plain.at(i) == QLatin1Char('<'))
+ rich += QLatin1String("&lt;");
+ else if (plain.at(i) == QLatin1Char('>'))
+ rich += QLatin1String("&gt;");
+ else if (plain.at(i) == QLatin1Char('&'))
+ rich += QLatin1String("&amp;");
+ else if (plain.at(i) == QLatin1Char('"'))
+ rich += QLatin1String("&quot;");
+ else
+ rich += plain.at(i);
+ }
+ return rich;
+}
+
/*!
\fn QString Qt::convertFromPlainText(const QString &plain, WhiteSpaceMode mode)
@@ -2038,7 +2057,7 @@ void QTextHtmlExporter::emitAttribute(const char *attribute, const QString &valu
html += QLatin1Char(' ');
html += QLatin1String(attribute);
html += QLatin1String("=\"");
- html += value;
+ html += escapeXml(value);
html += QLatin1Char('"');
}
@@ -2302,12 +2321,12 @@ void QTextHtmlExporter::emitFontFamily(const QString &family)
{
html += QLatin1String(" font-family:");
- QLatin1Char quote('\'');
- if (family.contains(quote))
- quote = QLatin1Char('\"');
+ QLatin1String quote("\'");
+ if (family.contains(QLatin1Char('\'')))
+ quote = QLatin1String("&quot;");
html += quote;
- html += family;
+ html += escapeXml(family);
html += quote;
html += QLatin1Char(';');
}
@@ -2341,13 +2360,13 @@ void QTextHtmlExporter::emitFragment(const QTextFragment &fragment)
const QString name = format.anchorName();
if (!name.isEmpty()) {
html += QLatin1String("<a name=\"");
- html += name;
+ html += escapeXml(name);
html += QLatin1String("\"></a>");
}
const QString href = format.anchorHref();
if (!href.isEmpty()) {
html += QLatin1String("<a href=\"");
- html += href;
+ html += escapeXml(href);
html += QLatin1String("\">");
closeAnchor = true;
}