This project is read-only.

Do not HTML-Escape non-html AtomEntity.Content


The implementation of AtomContent.WriteTo() uses System.Xml.XmlWriter.WriteString(), which HTML-escapes certain characters (as described in MSDN: But if the content type is not an html/xhtml MIME type, it should not be escaped (see Section of RFC 4287 [the Atom Syndication Spec]). Attached is sample code.

file attachments


IanMayo wrote Sep 23, 2008 at 4:12 PM

I'd like to increase the impact of this issue please, since it represents a failure to comply with the Atom spec.

From looking at the code is appears that the following fix is required:
  • identify whether the type of the entry content requires html-escapes
  • use plain writer/html-escaping writer as required

wrote Oct 27, 2009 at 11:44 AM

wrote Nov 13, 2009 at 10:14 AM

wrote Dec 7, 2009 at 12:25 AM

wrote Feb 14, 2013 at 8:26 PM

wrote Nov 27 at 8:35 PM