Escaping XML transforms

andrew.schmidt · December 6, 2018, 1:39pm

I have a Template:

< test>{{ index . “test” }}</ test>

And a json payload:

{“test”: " < "}

This outputs:

< test> < < /test>

Which is clearly invalid xml. How does one output the values but XML/HTML escaped correctly?

Last year jsonMarshal function was added to body transforms so that one could escape json output properly.

Is there a similar method but one for XML?

andrew.schmidt · January 23, 2019, 3:18pm

Anyone have any ideas?

leon · January 23, 2019, 4:51pm

I see your point.

We definitely need to create xmlMarshal function as well.

Can you create a ticket in Github?

PR for this should be actually quite small, and almost exactly same as for json:

github.com

TykTechnologies/tyk/blob/8dcd4998600277140ef85dd727a12ad93b7eadbc/api_definition.go#L507-L512


      
          var apiTemplate = template.New("").Funcs(map[string]interface{}{
          	"jsonMarshal": func(v interface{}) (string, error) {
          		bs, err := json.Marshal(v)
          		return string(bs), err
          	},
          })

andrew.schmidt · January 24, 2019, 3:24pm

I’ve created a ticket in github:

github.com/TykTechnologies/tyk

Request for xmlMarshal function in body transform

opened 03:13PM - 24 Jan 19 UTC

closed 12:10PM - 11 Jun 19 UTC

andrewscode

enhancement needs documenting customer request Priority: Medium

**Do you want to request a *feature* or report a *bug*?** Feature **What is …the current behavior?** There is currently no way to escape xml outputs in a body transform I have a Template: `<test>{{ index . “test” }}</ test>` And a json payload: `{“test”: " < "}` This outputs: `<test> < </test>` Which is clearly invalid xml. **What is the expected behavior?** To be able to escape xml output in a body transform. jsonMarshal was added for json transforms, a xmlMarshal is also needed **Which versions of Tyk affected by this issue? Did this work in previous versions of Tyk?** All

Thanks