In mod_bosh.erl, a call is made to exml:to_binary without first escaping XML CDATA content. In exml/src/exml.erl a comment states that "it's caller's responsibility to make sure that #xmlcdata's content is escaped properly".
As a result, invalid XML is produced when a tag contains special characters like "&" in its body. This example will reproduce the error:
<iq type="set" id="4">
<query xmlns="jabber:iq:private">
<TestPrivate xmlns="some:private:data">Test with an &</TestPrivate>
</query>
</iq>
Executing a "get" IQ over BOSH will return the following reply:
<iq from='bot@localhost' to='bot@localhost/test' id='4' type='result'>
<query xmlns='jabber:iq:private'>
<TestPrivate xmlns="some:private:data">Test with an &</TestPrivate>
</query>
</iq>
Notice how the "&" is not properly escaped in the BOSH reply. Other places where exml:to_binary is used to convert {xmlel, ...} into a binary string may also be affected by a similar issue.
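As an added illustration of the contract the report describes (this is example code, not code from MongooseIM or exml), here is a small Python serializer that can emit CDATA either verbatim or escaped. It is run over the TestPrivate payload from the report and the result is parsed back with a strict XML parser, which rejects the verbatim output and also shows the second failure mode of unescaped text: a payload containing markup is parsed as child elements instead of text. The tuple element shape and the names to_binary, escape_cdata, escape_attr, bosh_reply and private_text_roundtrip are this example's own assumptions, and the payload strings are constructed.

```python
# Constructed, stand-alone illustration of the "caller must escape #xmlcdata"
# contract quoted in the report. It is NOT exml or MongooseIM code: the element
# tuple shape and the function names below are assumptions made for this example.
import xml.etree.ElementTree as ET

# Element model for the example: ("name", {attr: value}, [children]);
# a child given as a plain str stands in for exml's #xmlcdata record.


def escape_cdata(text):
    """Escape the characters that may not appear raw in character data.
    '&' must be replaced first so the entities produced here are not escaped twice."""
    return text.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")


def escape_attr(value):
    """Attribute values additionally need the quote characters escaped."""
    return escape_cdata(value).replace("'", "&apos;").replace('"', "&quot;")


def to_binary(el, escape_text):
    """Serialize an element tree to a string.

    With escape_text=False, CDATA children are emitted verbatim, which is what
    happens when a caller of a to_binary-style function forgets the escaping
    the serializer leaves to it. Attributes are always escaped here so the
    demonstration stays focused on character data."""
    if isinstance(el, str):
        return escape_cdata(el) if escape_text else el
    name, attrs, children = el
    out = ["<", name]
    for key, value in attrs.items():
        out.append(" %s='%s'" % (key, escape_attr(value)))
    if not children:
        out.append("/>")
        return "".join(out)
    out.append(">")
    out.extend(to_binary(child, escape_text) for child in children)
    out.append("</%s>" % name)
    return "".join(out)


def bosh_reply(private_text):
    """The 'get' IQ result from the report, carrying the stored private payload."""
    return ("iq", {"from": "bot@localhost", "to": "bot@localhost/test",
                   "id": "4", "type": "result"},
            [("query", {"xmlns": "jabber:iq:private"},
              [("TestPrivate", {"xmlns": "some:private:data"}, [private_text])])])


def private_text_roundtrip(private_text, escape_text):
    """Serialize the reply and parse it back with a strict parser.

    Returns ("malformed", None) when the parser rejects the output, otherwise
    ("ok", text) where text is the character data the receiver sees inside
    TestPrivate (None if the payload was parsed as child elements instead)."""
    serialized = to_binary(bosh_reply(private_text), escape_text)
    try:
        tree = ET.fromstring(serialized)
    except ET.ParseError:
        return ("malformed", None)
    node = tree.find(".//{some:private:data}TestPrivate")
    return ("ok", node.text)


if __name__ == "__main__":
    sample = "Test with an &"  # constructed payload, as in the report
    print("unescaped:", to_binary(bosh_reply(sample), escape_text=False))
    print("escaped:  ", to_binary(bosh_reply(sample), escape_text=True))
    print("roundtrip unescaped:", private_text_roundtrip(sample, False))
    print("roundtrip escaped:  ", private_text_roundtrip(sample, True))
    print("markup payload, unescaped:", private_text_roundtrip("<b>x</b>", False))
```

The escaped path is the only one from which the receiver recovers exactly the stored text. The verbatim path either yields a document a conforming parser refuses (the "&" case from the report) or, for a payload that happens to be well-formed markup, silently changes the structure of the reply, so the fix belongs at the point where #xmlcdata content enters the element, before any call to the serializer.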