Loading ...
Sorry, an error occurred while loading the content.
 

Re: [soaplite] Re: die with "<" character throws no SOAP error

Expand Messages
  • Byrne Reese
    Ok... the fact that my parser does not choke is weird in and of itself because SOAP::Lite is not escaping the variables properly as you discovered.
    Message 1 of 6 , Oct 19, 2003
      Ok... the fact that my parser does not choke is weird in and of itself
      because SOAP::Lite is not escaping the variables properly as you
      discovered. Furthermore, the encoder does not escape the '>' character.
      So I made a couple of changes and am in the process of checking in the
      code now. It will go out in the next release. Thank you for catching
      this!!

      Sincerely,
      The SOAP::Lite Development Team

      On Sun, 2003-10-19 at 17:55, Byrne Reese wrote:
      > So I started work on adding this patch and so far have been unable to
      > reproduce it ... which is weird obviously.
      >
      > I am running perl 5.8.0 and SOAP::Lite 0.60. I am in the process of
      > upgrading to the latest perl modules that S::L depends upon. I will
      > let
      > you know my progress.
      >
      > On Fri, 2003-10-17 at 05:03, hct092003 wrote:
      > > <duncan_cameron2002> wrote:
      > >
      > > thanky for your reply.
      > >
      > > > Yes SOAP::Lite should take care of that, and it probably is a bug.
      > > > I have looked at the source code but this stuff is so fiendishly
      > > > convoluted that I can't see where the fault value needs to be
      > > escaped.
      > >
      > > I digged by myself a little bit and added this mini patch at
      > SOAP:Lite
      > > in Line 1197 (version 0.60, "sub envelope" )
      > >
      > > } elsif ($type eq 'fault') {
      > > SOAP::Trace::fault(@parameters);
      > > #now my patch
      > > $parameters[1]=SOAP::Utils::encode_data($parameters[1]);
      > > # patch done
      > > $body = SOAP::Data
      > > [...]
      > >
      > >
      > > this works pretty well for me but I can't see nasty sideeffects
      > > because I have nearly no experiences with SOAP at the moment.
      > > I would be very happy if some SOAP Lite guru here could comment this
      > > patch and why it's good or bad.
      > >
      > > > As a temporary fix you could escape the special characters
      > yourself.
      > > > This is the code that is used internally
      > > >
      > > > my %encode_data = ('&' => '&', '<' => '<', "\xd" =>
      > ' ');
      > > > sub encode_data {
      > > > (my $e = $_[0]) =~ s/([&<\015])/$encode_data{$1}/g;
      > > > $e =~ s/\]\]>/\]\]>/g;
      > > > $e
      > > > }
      > >
      > > yes, this might work but sometimes perl dies with "MY DIE MESSAGE at
      > > myMOD.pm line 13, <DATA> line 283.".
      > > The "<DATA> line 283." part comes from perl itself and is not
      > written
      > > by me, so I can't encode that part of string.
      > >
      > >
      > >
      > >
      > > Yahoo! Groups Sponsor
      > > ADVERTISEMENT
      > > Click Here!
      > >
      > > To unsubscribe from this group, send an email to:
      > > soaplite-unsubscribe@yahoogroups.com
      > >
      > >
      > >
      > > Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
      > --
      > Byrne Reese <byrne@...>
      >
      >
      > Yahoo! Groups Sponsor
      > ADVERTISEMENT
      > Click Here!
      >
      > To unsubscribe from this group, send an email to:
      > soaplite-unsubscribe@yahoogroups.com
      >
      >
      >
      > Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
      --
      Byrne Reese <byrne@...>
    • hct092003
      ... great. Thanks for taking care. -- Uwe Gansert - ug_at_suse.de
      Message 2 of 6 , Oct 20, 2003
        --- In soaplite@yahoogroups.com, Byrne Reese <byrne@m...> wrote:

        > It will go out in the next release.
        > Thank you for catching this!!
        >
        > Sincerely,
        > The SOAP::Lite Development Team

        great. Thanks for taking care.


        --
        Uwe Gansert - ug_at_suse.de
      Your message has been successfully submitted and would be delivered to recipients shortly.