Prevent double sanitizing.

Apparently, node-expat already unsanitizes the text for us when parsing
xml before handing it off. So, we don't need to do it again.

Author: ehoogerbeets

lib/xml2json.js

@@ -60,9 +60,10 @@ function endElement(name) {
             currentObject['$t'] = currentObject['$t'].trim()
         }
 
-        if (options.sanitize) {
-            currentObject['$t'] = sanitizer.sanitize(currentObject['$t'], true);
-        }
+        // node-expat already reverse sanitizes it whether we like it or not
+        //if (options.sanitize) {
+        //    currentObject['$t'] = sanitizer.sanitize(currentObject['$t'], true);
+        //}
 
         currentObject['$t'] = coerce(currentObject['$t'],name);
     }

test/test.js

@@ -129,6 +129,28 @@ describe('xml2json', function () {
         done();
     });
 
+    it('does doesnt double sanitize', function (done) {
+
+        var json = internals.readFixture('xmlsanitize3.json');
+        var result = parser.toXml(json, {sanitize: true});
+        var xml = internals.readFixture('xmlsanitize3.xml');
+
+        expect(result).to.equal(xml);
+
+        done();
+    });
+
+    it('does doesnt double unsanitize', function (done) {
+
+        var xml = internals.readFixture('xmlsanitize3.xml');
+        var result = parser.toJson(xml, {sanitize: true, reversible: true});
+        var json = internals.readFixture('xmlsanitize3.json');
+
+        expect(result).to.equal(json);
+
+        done();
+    });
+
     it('throws error on bad options', function (done) {
 
         var throws = function() {