Skip to content

sleekxmpp.xmlstream.tostring.escape not escaping chars below '\x20' #249

m13253 opened this Issue Jul 23, 2013 · 0 comments

1 participant

m13253 commented Jul 23, 2013

If my forwarder bot receives a message containing chars from \x00 to \x1f and tries to forward it, my bot will get kicked by some servers.
It is because that it does not escape those chars to XML sequences from � to .

This is a security problem rather than a feature request, because the bot is having the risk of being kicked. For example, Prosody kicks it with reason XML not well formed.

The related lines are here.
Please check it and escape those chars correctly.

@m13253 m13253 added a commit to m13253/ircbindxmpp that referenced this issue Jan 23, 2014
@m13253 m13253 Filter bad chars for SleekXMPP
Related issue: fritzy/SleekXMPP#249
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.