tdf#83877 Make user input xml safe

Change-Id: Iff1311932ef6a4525faa999553884bd8d23f3f30 Reviewed-on: https://gerrit.libreoffice.org/52814Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>

tdf#83877 Make user input xml safe
Change-Id: Iff1311932ef6a4525faa999553884bd8d23f3f30 Reviewed-on: https://gerrit.libreoffice.org/52814Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
ee79612f · Samuel Mehrbrodt · 39f1c0cd · ee79612f · ee79612f · ee79612f
Kaydet (Commit) ee79612f authored Nis 13, 2018 tarafından Samuel Mehrbrodt
5 changed files
--- a/cui/source/dialogs/SignSignatureLineDialog.cxx
+++ b/cui/source/dialogs/SignSignatureLineDialog.cxx
@@ -148,9 +148,4 @@ void SignSignatureLineDialog::Apply()
    m_xShapeProperties->setPropertyValue("Graphic", Any(xGraphic));
 }

-OUString SignSignatureLineDialog::getCDataString(const OUString& rString)
-{
-    return "<![CDATA[" + rString + "]]>";
-}
-
 /* vim:set shiftwidth=4 softtabstop=4 expandtab cinoptions=b1,g0,N-s cinkeys+=0=break: */
--- a/cui/source/dialogs/SignatureLineDialog.cxx
+++ b/cui/source/dialogs/SignatureLineDialog.cxx
@@ -101,8 +101,8 @@ void SignatureLineDialog::Apply()

    // Read svg and replace placeholder texts
    OUString aSvgImage(getSignatureImage());
-    aSvgImage = aSvgImage.replaceAll("[SIGNER_NAME]", aSignerName);
-    aSvgImage = aSvgImage.replaceAll("[SIGNER_TITLE]", aSignerTitle);
+    aSvgImage = aSvgImage.replaceAll("[SIGNER_NAME]", getCDataString(aSignerName));
+    aSvgImage = aSvgImage.replaceAll("[SIGNER_TITLE]", getCDataString(aSignerTitle));

    // These are only filled if the signature line is signed.
    aSvgImage = aSvgImage.replaceAll("[SIGNATURE]", "");

--- a/cui/source/dialogs/SignatureLineDialogBase.cxx
+++ b/cui/source/dialogs/SignatureLineDialogBase.cxx
@@ -30,6 +30,11 @@ short SignatureLineDialogBase::execute()
    return nRet;
 }

+OUString SignatureLineDialogBase::getCDataString(const OUString& rString)
+{
+    return "<![CDATA[" + rString + "]]>";
+}
+
 OUString SignatureLineDialogBase::getSignatureImage()
 {
    OUString const svg(

--- a/cui/source/inc/SignSignatureLineDialog.hxx
+++ b/cui/source/inc/SignSignatureLineDialog.hxx
@@ -35,7 +35,6 @@ private:

    void ValidateFields();
    virtual void Apply() override;
-    OUString getCDataString(const OUString& rString);

    DECL_LINK(chooseCertificate, weld::Button&, void);
 };

--- a/cui/source/inc/SignatureLineDialogBase.hxx
+++ b/cui/source/inc/SignatureLineDialogBase.hxx
@@ -26,6 +26,7 @@ protected:
    css::uno::Reference<css::frame::XModel> m_xModel;
    OUString getSignatureImage();
    virtual void Apply() = 0;
+    OUString getCDataString(const OUString& rString);
 };

 #endif