发表新帖
发表新帖

string escape into XML-Attribute

后端 未结
关注
3 1113
别跟我提以往
别跟我提以往 2021-02-20 11:00

I had a look at string escape into XML and found it very useful.

I would like to do a similar thing: Escape a string to be used in an XML-Attribute.

The string m

相关标签:
3条回答
  • 别跟我提以往
    2021-02-20 11:12

    if it can be of any help, in several language, one uses createCDATASection to avoid all XML special characters.

    It adds something like this :

    <tag><![CDATA[ <somecontent/> ]]></tag>
    0 讨论(0)
  • 悲&欢浪女
    2021-02-20 11:14 
    public static string XmlEscapeAttribute(string unescaped)
{
    if (string.IsNullOrEmpty(unescaped))
        return unescaped;

    var attributeString = new XAttribute("n", unescaped).ToString();

    // Extract the string from the text like: n="text".
    return attributeString.Substring(3, attributeString.Length - 4);
}

    This solution is similar to the one one proposed by @Mathias E. but it uses LINQ to XML rather than XmlDocument so should be faster.

    The SecurityElement.Escape() solution has a couple of problems. First it doesn't encode new lines so that has to be done as an additional step. Also, it encodes apostrophes as &apos; which is not correct in an attribute value per the XML spec.

    Inspiration for my solution came from this post.

    0 讨论(0)
  • 北海茫月
    2021-02-20 11:23

    Modifying the solution you referenced, how about

    public static string XmlEscape(string unescaped)
{
    XmlDocument doc = new XmlDocument();
    var node = doc.CreateAttribute("foo");
    node.InnerText = unescaped;
    return node.InnerXml;
}

    All I did was change CreateElement() to CreateAttribute(). The attribute node type does have InnerText and InnerXml properties.

    I don't have the environment to test this in, but I'd be curious to know if it works.

    Update: Or more simply, use SecurityElement.Escape() as suggested in another answer to the question you linked to. This will escape quotation marks, so it's suitable for using for attribute text.

    Update 2: Please note that carriage returns and line feeds do not need to be escaped in an attribute value, in order for the XML to be well-formed. If you want them to be escaped for other reasons, you can do it using String.replace(), e.g.

    SecurityElement.Escape(unescaped).Replace("\r", "&#xD;").Replace("\n", "&#xA;");

    or 

    return node.InnerXml.Replace("\r", "&#xD;").Replace("\n", "&#xA;");
    0 讨论(0)
 看不清?
提交回复
热议问题