2009-06-30 Zoltan Varga <vargaz@gmail.com>

[mono.git] / mcs / class / corlib / System.Security / SecurityElement.cs

diff --git a/mcs/class/corlib/System.Security/SecurityElement.cs b/mcs/class/corlib/System.Security/SecurityElement.cs
index c1be6f1eb117b1221a53f3cae198c957404cba1b..7fd209bd6b7aa0ce3444f55cf6364a9e8df7d12c 100644 (file)
--- a/mcs/class/corlib/System.Security/SecurityElement.cs
+++ b/mcs/class/corlib/System.Security/SecurityElement.cs
@@ -58,7 +58,7 @@ namespace System.Security {
                                        throw new ArgumentException (Locale.GetText ("Invalid XML attribute value") + ": " + value);
 
                                _name = name;
-                               _value = value;
+                               _value = SecurityElement.Unescape (value);
                        }
 
                        public string Name {
@@ -95,8 +95,13 @@ namespace System.Security {
                
                public SecurityElement (string tag, string text)
                {
-                       this.Tag = tag;
-                       this.Text = text;
+                       if (tag == null)
+                               throw new ArgumentNullException ("tag");
+                       if (!IsValidTag (tag))
+                               throw new ArgumentException (Locale.GetText ("Invalid XML string") + ": " + tag);
+                       this.tag = tag;
+
+                       Text = text;
                }
 
                // not a deep copy (childs are references)
@@ -129,7 +134,7 @@ namespace System.Security {
                                return result;
                        }
 
-                       set {                           
+                       set {
                                if (value == null || value.Count == 0) {
                                        attributes.Clear ();
                                        return;
@@ -170,11 +175,10 @@ namespace System.Security {
                        }
                        set {
                                if (value == null)
-                                       throw new ArgumentNullException ();
+                                       throw new ArgumentNullException ("Tag");
                                if (!IsValidTag (value))
                                        throw new ArgumentException (Locale.GetText ("Invalid XML string") + ": " + value);
-                               int colon = value.IndexOf (':');
-                               tag = colon < 0 ? value : value.Substring (colon + 1);
+                               tag = value;
                        }
                }
 
@@ -184,9 +188,13 @@ namespace System.Security {
                        }
 
                        set {
-                               if (!IsValidText (value))
-                                       throw new ArgumentException (Locale.GetText ("Invalid XML string") + ": " + text);                              
-                               text = value;
+                               if (value != null) {
+                                       if (!IsValidText (value))
+                                               throw new ArgumentException (
+                                                       Locale.GetText ("Invalid XML string")
+                                                       + ": " + value);
+                               }
+                               text = Unescape (value);
                        }
                }
 
@@ -282,7 +290,10 @@ namespace System.Security {
                public static string Escape (string str)
                {
                        StringBuilder sb;
-                       
+
+                       if (str == null)
+                               return null;
+
                        if (str.IndexOfAny (invalid_chars) == -1)
                                return str;
 
@@ -305,8 +316,24 @@ namespace System.Security {
                        return sb.ToString ();
                }
 
+               private static string Unescape (string str)
+               {
+                       StringBuilder sb;
+
+                       if (str == null)
+                               return null;
+
+                       sb = new StringBuilder (str);
+                       sb.Replace ("&lt;", "<");
+                       sb.Replace ("&gt;", ">");
+                       sb.Replace ("&amp;", "&");
+                       sb.Replace ("&quot;", "\"");
+                       sb.Replace ("&apos;", "'");
+                       return sb.ToString ();
+               }
+
 #if NET_2_0
-               public 
+               public
 #else
                internal
 #endif
@@ -321,8 +348,7 @@ namespace System.Security {
                                SecurityParser sp = new SecurityParser ();
                                sp.LoadXml (xml);
                                return sp.ToXml ();
-                       }
-                       catch (Exception e) {
+                       } catch (Exception e) {
                                string msg = Locale.GetText ("Invalid XML.");
                                throw new XmlSyntaxException (msg, e);
                        }
@@ -338,16 +364,14 @@ namespace System.Security {
                        return value != null && value.IndexOfAny (invalid_attr_value_chars) == -1;
                }
 
-               public static bool IsValidTag (string value)
+               public static bool IsValidTag (string tag)
                {
-                       return value != null && value.IndexOfAny (invalid_tag_chars) == -1;
+                       return tag != null && tag.IndexOfAny (invalid_tag_chars) == -1;
                }
 
-               public static bool IsValidText (string value)
+               public static bool IsValidText (string text)
                {
-                       if (value == null)
-                               return true;
-                       return value.IndexOfAny (invalid_text_chars) == -1;
+                       return text != null && text.IndexOfAny (invalid_text_chars) == -1;
                }
 
                public SecurityElement SearchForChildByTag (string tag) 
@@ -364,7 +388,7 @@ namespace System.Security {
                                        return elem;
                        }
                        return null;
-               }                       
+               }
 
                public string SearchForTextOfTag (string tag) 
                {
@@ -383,7 +407,7 @@ namespace System.Security {
                                        return result;
                        }
 
-                       return null;                    
+                       return null;
                }
                
                public override string ToString ()
@@ -415,7 +439,7 @@ namespace System.Security {
 #endif
                                        s.Append (sa.Name)
                                         .Append ("=\"")
-                                        .Append (sa.Value)
+                                        .Append (Escape (sa.Value))
                                         .Append ("\"");
                                        if (i != attributes.Count - 1)
                                                s.Append (Environment.NewLine);
@@ -426,7 +450,7 @@ namespace System.Security {
                            (children == null || children.Count == 0))
                                s.Append ("/>").Append (Environment.NewLine);
                        else {
-                               s.Append (">").Append (text);
+                               s.Append (">").Append (Escape (text));
                                if (children != null) {
                                        s.Append (Environment.NewLine);
                                        foreach (SecurityElement child in children) {