Context Navigation

#13016 closed defect (fixed)

Broken RSS feed due to unescaped & character in title element — at Version 7

Reported by:	Jun Omae	Owned by:	Jun Omae
Priority:	normal	Milestone:	1.3.3
Component:	timeline	Version:	1.3dev
Severity:	normal	Keywords:
Cc:		Branch:
Release Notes:
API Changes:
Internal Changes:	Fix broken timeline rss when entry's title has xml special characters.

Description

line 117, column 60: XML parsing error: <unknown>:117:60: not well-formed (invalid token) [help]

          <title>Changeset [16569]: 1.3.3dev: Refactor to use `&=` operator Refs ...

https://validator.w3.org/feed/check.cgi?url=https%3A%2F%2Ftrac.edgewall.org%2Ftimeline%3Fformat%3Drss%26from%3D2018-04-26T11%253A04%253A17%252B09%253A00%26amp%3Bprecision%3Dseconds

Related: #12683.

Change History (7)

comment:1 by Jun Omae, 6 years ago

timeline.rss uses plaintext for title elements. The plaintext in 1.2-stable returns unicode instance but plaintext in trunk returns Markup instance. The change of function leads the issue.

plaintext in trunk should return unicode instance.

1.2-stable

Python 2.6.9 (default, Oct 22 2014, 19:56:52)
[GCC 4.8.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from trac import __version__
>>> from trac.util.html import plaintext, stripentities
>>> from trac.util.translation import _
>>> __version__
'1.2.3.dev0'
>>> value = 'Changeset [16569]: 1.3.3dev: Refactor to use `&=` operator  Refs #12914.'
>>> result = plaintext(value, keeplinebreaks=False)
>>> type(result)
<type 'unicode'>
>>> result
u'Changeset [16569]: 1.3.3dev: Refactor to use `&=` operator  Refs #12914.'

trunk

Python 2.7.12 (default, Dec  4 2017, 14:50:18)
[GCC 5.4.0 20160609] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from trac import __version__
>>> from trac.util.html import plaintext, stripentities
>>> from trac.util.translation import _
>>> __version__
'1.3.3.dev0'
>>> value = 'Changeset [16569]: 1.3.3dev: Refactor to use `&=` operator  Refs #12914.'
>>> result = plaintext(value, keeplinebreaks=False)
>>> type(result)
<class 'markupsafe.Markup'>
>>> result
Markup(u'Changeset [16569]: 1.3.3dev: Refactor to use `&=` operator Refs #12914.')

comment:2 by Jun Omae, 6 years ago

Owner:	set to Jun Omae
Release Notes:	modified (diff)
Status:	new → assigned

Proposed changes in jomae.git@t13016, which fix plaintext and add unit tests for timeline rss.

comment:3 by Ryan J Ollos, 6 years ago

The changes look good to me.

comment:4 by Jun Omae, 6 years ago

Resolution:	→ fixed
Status:	assigned → closed

Thanks for the reviewing. Fixed in [16580].

follow-up: 6 comment:5 by Jun Omae, 6 years ago

Resolution:	fixed
Status:	closed → reopened

After [16580], <em> elements in changeset's titles are leave. We should strip <em> from the titles.

$ curl -s 'https://trac.edgewall.org/timeline?from=2018-05-29T12%3A00%3A00Z&precision=seconds&daysback=1&format=rss' | grep -F '<title>Changeset'
      <title>Changeset &lt;em&gt;[16607]&lt;/em&gt;: 1.3.3dev: Remove obsolete import statement
      <title>Changeset in mirror &lt;em&gt;[13122:80bc2b88187c]&lt;/em&gt;: 1.3.3dev: Remove obsolete import statement

I'll fix it…

in reply to: 5 comment:6 by Jun Omae, 6 years ago

Resolution:	→ fixed
Status:	reopened → closed

Replying to Jun Omae:

After [16580], <em> elements in changeset's titles are leave. We should strip <em> from the titles.

Fixed in [16610].

comment:7 by Ryan J Ollos, 4 years ago

Internal Changes:	modified (diff)
Release Notes:	modified (diff)

Note: See TracTickets for help on using tickets.

Download in other formats: