Merge pull request #129 from ehoogerbeets/master

c4milo · web-flow · commit 3c8552c3c9ae · 2017-07-13T08:37:34.000-04:00
Also run sanitize on the content when converting from xml to json.
diff --git a/lib/json2xml.js b/lib/json2xml.js
@@ -76,13 +76,14 @@ ToXml.prototype.openTag = function(key) {
 }
 ToXml.prototype.addAttr = function(key, val) {
     if (this.options.sanitize) {
-        val = sanitizer.sanitize(val)
+        val = sanitizer.sanitize(val);
     }
     this.xml += ' ' + key + '="' + val + '"';
 }
 ToXml.prototype.addTextContent = function(text) {
     this.completeTag();
-    this.xml += text;
+    var newText = (this.options.sanitize ? sanitizer.sanitize(text) : text);
+    this.xml += newText;
 }
 ToXml.prototype.closeTag = function(key) {
     this.completeTag();
diff --git a/lib/sanitize.js b/lib/sanitize.js
@@ -41,4 +41,4 @@ exports.sanitize = function sanitize(value, reverse) {
     });
 
     return value;
-}
+};
diff --git a/lib/xml2json.js b/lib/xml2json.js
@@ -60,9 +60,9 @@ function endElement(name) {
             currentObject[textNodeName()] = currentObject[textNodeName()].trim()
         }
 
-        if (options.sanitize) {
-            currentObject[textNodeName()] = sanitizer.sanitize(currentObject[textNodeName()], true);
-        }
+        //if (options.sanitize) {
+        //    currentObject[textNodeName()] = sanitizer.sanitize(currentObject[textNodeName()], true);
+        //}
 
         currentObject[textNodeName()] = coerce(currentObject[textNodeName()],name);
     }
diff --git a/test/fixtures/xmlsanitize.json b/test/fixtures/xmlsanitize.json
@@ -1 +1 @@
-{"e":{"a":{"b":"Smith & Son"}}}
+{"e":{"a":{"b":"Smith & Son","$t":"Movers & <b>Shakers</b> Extraordinaire"}}}
diff --git a/test/fixtures/xmlsanitize.xml b/test/fixtures/xmlsanitize.xml
@@ -1 +1 @@
-<e><a b="Smith &amp; Son"></a></e>
+<e><a b="Smith &amp; Son">Movers &amp; &lt;b&gt;Shakers&lt;/b&gt; Extraordinaire</a></e>
diff --git a/test/fixtures/xmlsanitize2.json b/test/fixtures/xmlsanitize2.json
@@ -1 +1 @@
-{"e":"Smith & Son"}
+{"e":{"$t":"<b>Smith</b> & <b>Son</b>"}}
diff --git a/test/fixtures/xmlsanitize2.xml b/test/fixtures/xmlsanitize2.xml
@@ -1 +1 @@
-<e>Smith &amp; Son</e>
+<e>&lt;b&gt;Smith&lt;/b&gt; &amp; &lt;b&gt;Son&lt;/b&gt;</e>
diff --git a/test/fixtures/xmlsanitize3.json b/test/fixtures/xmlsanitize3.json
@@ -0,0 +1 @@
+{"e":{"$t":"&lt;b&gt;Smith&lt;/b&gt; &amp;"}}
diff --git a/test/fixtures/xmlsanitize3.xml b/test/fixtures/xmlsanitize3.xml
@@ -0,0 +1 @@
+<e>&amp;lt;b&amp;gt;Smith&amp;lt;/b&amp;gt; &amp;amp;</e>
diff --git a/test/test.js b/test/test.js
@@ -99,14 +99,57 @@ describe('xml2json', function () {
     it('does xmlsanitize of text', function (done) {
 
         var xml = internals.readFixture('xmlsanitize2.xml');
-        var result = parser.toJson(xml, {sanitize: true});
+        var result = parser.toJson(xml, {sanitize: true, reversible: true});
         var json = internals.readFixture('xmlsanitize2.json');
 
         expect(result).to.equal(json);
 
         done();
     });
 
+    it('does json unsanitize', function (done) {
+
+        var json = internals.readFixture('xmlsanitize.json');
+        var result = parser.toXml(json, {sanitize: true});
+        var xml = internals.readFixture('xmlsanitize.xml');
+
+        expect(result).to.equal(xml);
+
+        done();
+    });
+
+    it('does json unsanitize of text', function (done) {
+
+        var json = internals.readFixture('xmlsanitize2.json');
+        var result = parser.toXml(json, {sanitize: true});
+        var xml = internals.readFixture('xmlsanitize2.xml');
+
+        expect(result).to.equal(xml);
+
+        done();
+    });
+
+    it('does doesnt double sanitize', function (done) {
+
+        var json = internals.readFixture('xmlsanitize3.json');
+        var result = parser.toXml(json, {sanitize: true});
+        var xml = internals.readFixture('xmlsanitize3.xml');
+
+        expect(result).to.equal(xml);
+
+        done();
+    });
+
+    it('does doesnt double unsanitize', function (done) {
+
+        var xml = internals.readFixture('xmlsanitize3.xml');
+        var result = parser.toJson(xml, {sanitize: true, reversible: true});
+        var json = internals.readFixture('xmlsanitize3.json');
+
+        expect(result).to.equal(json);
+        done();
+    });
+
     it('converts with forceArrays', function(done) {
         var xml = internals.readFixture('forceArray.xml');
         var result = parser.toJson(xml, {arrayNotation: ['drivers', 'vehicles']});
@@ -247,8 +290,8 @@ describe('json2xml', function () {
 
     it('works with array notation', function (done) {
 
-        var xml = fs.readFileSync('./test/fixtures/array-notation.xml');
-        var expectedJson = JSON.parse( fs.readFileSync('./test/fixtures/array-notation.json') );
+        var xml = internals.readFixture('array-notation.xml');
+        var expectedJson = JSON.parse( internals.readFixture('array-notation.json') );
 
         var json = parser.toJson(xml, {object: true, arrayNotation: true});
 

Original file line number	Diff line number	Diff line change
`@@ -76,13 +76,14 @@ ToXml.prototype.openTag = function(key) {`
`76`	`76`	`}`
`77`	`77`	`ToXml.prototype.addAttr = function(key, val) {`
`78`	`78`	`if (this.options.sanitize) {`
`79`		`- val = sanitizer.sanitize(val)`
	`79`	`+ val = sanitizer.sanitize(val);`
`80`	`80`	`}`
`81`	`81`	`this.xml += ' ' + key + '="' + val + '"';`
`82`	`82`	`}`
`83`	`83`	`ToXml.prototype.addTextContent = function(text) {`
`84`	`84`	`this.completeTag();`
`85`		`- this.xml += text;`
	`85`	`+ var newText = (this.options.sanitize ? sanitizer.sanitize(text) : text);`
	`86`	`+ this.xml += newText;`
`86`	`87`	`}`
`87`	`88`	`ToXml.prototype.closeTag = function(key) {`
`88`	`89`	`this.completeTag();`
-Original file line number
+Diff line change
     });
     return value;
 -}
 +};
Original file line number	Diff line number	Diff line change
`@@ -60,9 +60,9 @@ function endElement(name) {`
`60`	`60`	`currentObject[textNodeName()] = currentObject[textNodeName()].trim()`
`61`	`61`	`}`
`62`	`62`
`63`		`- if (options.sanitize) {`
`64`		`- currentObject[textNodeName()] = sanitizer.sanitize(currentObject[textNodeName()], true);`
`65`		`- }`
	`63`	`+ //if (options.sanitize) {`
	`64`	`+ // currentObject[textNodeName()] = sanitizer.sanitize(currentObject[textNodeName()], true);`
	`65`	`+ //}`
`66`	`66`
`67`	`67`	`currentObject[textNodeName()] = coerce(currentObject[textNodeName()],name);`
`68`	`68`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-{"e":{"a":{"b":"Smith & Son"}}}`
	`1`	`+{"e":{"a":{"b":"Smith & Son","$t":"Movers & <b>Shakers</b> Extraordinaire"}}}`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-<e><a b="Smith & Son"></a></e>`
	`1`	`+<e><a b="Smith & Son">Movers & <b>Shakers</b> Extraordinaire</a></e>`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-{"e":"Smith & Son"}`
	`1`	`+{"e":{"$t":"<b>Smith</b> & <b>Son</b>"}}`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-<e>Smith & Son</e>`
	`1`	`+<e><b>Smith</b> & <b>Son</b></e>`