From c3606cac9411d12c9094fb932090829bffd53dac Mon Sep 17 00:00:00 2001
From: llaffont <llaffont@git-test.afi-sa.fr>
Date: Mon, 10 Dec 2012 13:36:13 +0000
Subject: [PATCH] =?UTF-8?q?Correction=20validation=20OAI=20avec=20attribut?=
=?UTF-8?q?=20mal=20form=C3=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
library/Class/Xml/Builder.php | 2 +-
.../controllers/OAIControllerGetRecordTest.php | 14 +++++++++++---
2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/library/Class/Xml/Builder.php b/library/Class/Xml/Builder.php
index 6ed15d5a476..afb735f95c6 100644
--- a/library/Class/Xml/Builder.php
+++ b/library/Class/Xml/Builder.php
@@ -54,7 +54,7 @@ class Class_Xml_Builder {
public function attributesToString($attributes) {
$attribs = '';
foreach ($attributes as $k => $v)
- $attribs .= ' ' . $k . '="' . $v . '"';
+ $attribs .= ' ' . $k . '="' . htmlentities($v, ENT_COMPAT|ENT_XML1) . '"';
return $attribs;
}
diff --git a/tests/application/modules/opac/controllers/OAIControllerGetRecordTest.php b/tests/application/modules/opac/controllers/OAIControllerGetRecordTest.php
index 9039fd5d518..ae4a6b4a461 100644
--- a/tests/application/modules/opac/controllers/OAIControllerGetRecordTest.php
+++ b/tests/application/modules/opac/controllers/OAIControllerGetRecordTest.php
@@ -34,6 +34,8 @@ abstract class OAIControllerGetRecordTestCase extends AbstractControllerTestCase
}
+
+
class OAIControllerGetRecordNoIdentifierTest extends OAIControllerGetRecordTestCase {
public function setUp() {
parent::setUp();
@@ -57,6 +59,8 @@ class OAIControllerGetRecordNoIdentifierTest extends OAIControllerGetRecordTestC
}
+
+
class OAIControllerGetRecordNoMetadataPrefixTest extends OAIControllerGetRecordTestCase {
public function setUp() {
parent::setUp();
@@ -81,6 +85,7 @@ class OAIControllerGetRecordNoMetadataPrefixTest extends OAIControllerGetRecordT
+
class OAIControllerGetRecordNotFoundParamsTest extends OAIControllerGetRecordTestCase {
public function setUp() {
parent::setUp();
@@ -90,7 +95,7 @@ class OAIControllerGetRecordNotFoundParamsTest extends OAIControllerGetRecordTes
->with('harrypotter-sorciers')
->answers(null);
- $this->dispatch('/opac/oai/request?verb=GetRecord&metadataPrefix=oai_dc&identifier=harrypotter-sorciers', true);
+ $this->dispatch('/opac/oai/request?verb=GetRecord&metadataPrefix=oai_dc&identifier=harrypotter-sorciers\"id', true);
$this->_xml = $this->_response->getBody();
}
@@ -98,7 +103,7 @@ class OAIControllerGetRecordNotFoundParamsTest extends OAIControllerGetRecordTes
/** @test */
public function requestVerbShouldBeGetRecord() {
$this->_xpath->assertXpath($this->_xml,
- '//oai:request[@verb="GetRecord"][@identifier="harrypotter-sorciers"][@metadataPrefix="oai_dc"]');
+ '//oai:request[@verb="GetRecord"][contains(@identifier, "harrypotter-sorciers")][@metadataPrefix="oai_dc"]');
}
@@ -110,6 +115,8 @@ class OAIControllerGetRecordNotFoundParamsTest extends OAIControllerGetRecordTes
}
+
+
class OAIControllerGetRecordNotSupportedPrefixTest extends OAIControllerGetRecordTestCase {
public function setUp() {
parent::setUp();
@@ -143,6 +150,8 @@ class OAIControllerGetRecordNotSupportedPrefixTest extends OAIControllerGetRecor
}
+
+
class OAIControllerGetRecordValidParamsTest extends OAIControllerGetRecordTestCase {
public function setUp() {
parent::setUp();
@@ -212,5 +221,4 @@ class OAIControllerGetRecordValidParamsTest extends OAIControllerGetRecordTestCa
self::OAI_RECORD_PATH . 'oai:metadata',
1);
}
-
}
\ No newline at end of file
--
GitLab