Tasks #919
Bug #908: RGW allows users to create buckets and objects with invalid names
properly escape XML
% Done:
0%
Tags:
Reviewed:
Affected Versions:
Pull request ID:
Description
Properly escape the XML that we're sending in RGW.
For example, if the user sticks a control character in a bucket name, we may need to escape that in our bucket list response. Etc.
I think the characters that need to be escaped are:
control characters: 0x00-0x09, 0x0b-0x0c, 0x0e-0x1f characters used by xml itself: <>"'&
I think libexpat should already have something like this. We just need to ensure that we use it properly in RGW.
History
#1 Updated by Colin McCabe about 13 years ago
- Assignee set to Colin McCabe
#2 Updated by Colin McCabe about 13 years ago
confirmed: amazon escapes keys named """ (three quotes) as
"""
in the XML response.
Amazon translated an object named "control-V control-V control-V" to

In the XML response.
libboto can't handle the control-V response...
#3 Updated by Colin McCabe about 13 years ago
- Status changed from New to Resolved
implemented by 1e7b371c28009e9f5e8e1126ff71f7575dd13c40