Browse files

merged branch jakzal/yamlDoubleQuotesDumperFix (PR #4320)


b631073 [Yaml] Fixed double quotes escaping in Dumper.


[Yaml] Fixed double quotes escaping in Dumper

Issue #4308 is caused by Dumper::escapeWithDoubleQuotes() which uses [str_replace()](

From the php docs:

> Because str_replace() replaces left to right, it might replace a previously inserted value when doing multiple replacements.

We should be very careful in deciding about the order of elements in $escapees array. I'd really appreciate if someone reviewed my fix. Tests say I didn't break anything but I'm not sure what percentage of Yaml specification is covered by tests.

Bug fix: yes
Feature addition: no
Backwards compatibility break: not that I know
Symfony2 tests pass: [![Build Status](](
Fixes the following tickets: #4308


by travisbot at 2012-05-18T08:53:51Z

This pull request [passes]( (merged 5192722c into a04acc89).


by travisbot at 2012-05-18T23:19:49Z

This pull request [fails]( (merged ecaa1aab into fc3c609b).


by dinamic at 2012-05-19T07:35:21Z

Something is really wrong with this method. You can see clearly that multiple characters would fail proper escaping.

Here's an example:
$value = '\\\\"some value\n \"some quoted string\" and \'some single quotes one\'"';
string(72) ""\\\"some value\n \\some quoted string\\ and 'some single quotes one'\"""

To begin with the backslash - in the initial value you have 2 (escaped ones), that after escaping should result in 4, not in 1 (escaped). I guess this behavior has to be verified with the importer, but imho it does not seem right.

Does anyone know why this escaping wasn't done using a regular expression in first place?


by clemens-tolboom at 2012-05-19T10:18:58Z

Searching for\xc2\x85 the table on is interesting enough to decide we need way more documentation on this file.

\xc2\x85 seems to be triple dot (ellipses)
\xe2\x80\xa9 seems to be paragraph separator see

  • Loading branch information...
fabpot committed Jun 9, 2012
1 parent d689441 commit 9f3d53aee27329fc2b2294cd032454384059aa72
Showing with 10 additions and 2 deletions.
  1. +2 −2 Escaper.php
  2. +8 −0 Tests/Fixtures/escapedCharacters.yml
@@ -25,13 +25,13 @@ class Escaper
// first to ensure proper escaping because str_replace operates iteratively
// on the input arrays. This ordering of the characters avoids the use of strtr,
// which performs more slowly.
- private static $escapees = array('\\\\', '\\"',
+ private static $escapees = array('\\\\', '\\"', '"',
"\x00", "\x01", "\x02", "\x03", "\x04", "\x05", "\x06", "\x07",
"\x08", "\x09", "\x0a", "\x0b", "\x0c", "\x0d", "\x0e", "\x0f",
"\x10", "\x11", "\x12", "\x13", "\x14", "\x15", "\x16", "\x17",
"\x18", "\x19", "\x1a", "\x1b", "\x1c", "\x1d", "\x1e", "\x1f",
"\xc2\x85", "\xc2\xa0", "\xe2\x80\xa8", "\xe2\x80\xa9");
- private static $escaped = array('\\"', '\\\\',
+ private static $escaped = array('\\"', '\\\\', '\\"',
"\\0", "\\x01", "\\x02", "\\x03", "\\x04", "\\x05", "\\x06", "\\a",
"\\b", "\\t", "\\n", "\\v", "\\f", "\\r", "\\x0e", "\\x0f",
"\\x10", "\\x11", "\\x12", "\\x13", "\\x14", "\\x15", "\\x16", "\\x17",
@@ -137,3 +137,11 @@ yaml: |
\x41 \u0041 \U00000041"
php: |
"Fun with \x5C\n\x22 \x07 \x08 \x1B \x0C\n\x0A \x0D \x09 \x0B \x00\n\x20 \xA0 \x85 \xe2\x80\xa8 \xe2\x80\xa9\nA A A"
+test: Double quotes with a line feed
+yaml: |
+ { double: "some value\n \"some quoted string\" and 'some single quotes one'" }
+php: |
+ array(
+ 'double' => "some value\n \"some quoted string\" and 'some single quotes one'"
+ )

0 comments on commit 9f3d53a

Please sign in to comment.