Re: [PR] [MINVOKER-351] Escape special xml character in junit report [maven-invoker-plugin]

[via GitHub]

elharo commented on code in PR #242:
URL: 
https://github.com/apache/maven-invoker-plugin/pull/242#discussion_r1604812464


##########
src/main/java/org/apache/maven/plugins/invoker/AbstractInvokerMojo.java:
##########
@@ -1779,7 +1781,7 @@ private void writeJunitReport(BuildJob buildJob, String 
safeFileName) throws Moj
         if (buildLogFile != null && buildLogFile.exists()) {
             getLog().debug("fileLogger:" + buildLogFile);
             try {
-                systemOut.setValue(FileUtils.fileRead(buildLogFile));
+                
systemOut.setValue(StringEscapeUtils.escapeXml10(FileUtils.fileRead(buildLogFile)));

Review Comment:
   One thing I don't yet understand is what the "value" being set here is in 
Xpp3Dom. I *think* (could be wrong) it's supposed to be the raw text to be 
output, which means Xpp3Dom is in fact not a document object model at all. The 
confusion between object model and serialized form is a real problem with 
Xpp3Dom.  
   
   
   



##########
src/main/java/org/apache/maven/plugins/invoker/AbstractInvokerMojo.java:
##########
@@ -1640,7 +1642,7 @@ private void runBuild(
             }
         } catch (RunFailureException e) {
             buildJob.setResult(e.getType());
-            buildJob.setFailureMessage(e.getMessage());
+            
buildJob.setFailureMessage(StringEscapeUtils.escapeXml10(e.getMessage()));

Review Comment:
   I haven't followed through the complete code yet, but the failure message 
should generally only be escaped once, and that should be left to the XML 
writer. That is, don't escape a string that appears in PCDATA or an attribute 
value. Let the writer do that.
   
   This all assumes that the writer does correctly escape everything. Some 
libraries have borked this up in one way or another. Looking at it now 
Xpp3DomWriter is a mess and doesn't have a clean model of when and what to 
escape. It seems to confuse the unescaped model strings with the serialized 
escaped strings, and switches back and forth between escaped or not depending 
on switches.
   
   I'm not sure exactly how to fix this issue. Really what needs to happen is 
either fix XPP3DomWriter and likely XPPDom, while breaking the API and all 
existing dependents, or switch to a better designed XML library here. Short of 
that maybe you can make this work with enough unit tests. 
   



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org