diff --git a/WEB-INF/src/org/cdlib/xtf/textIndexer/XMLTextProcessor.java b/WEB-INF/src/org/cdlib/xtf/textIndexer/XMLTextProcessor.java index 924e1cf4..4fbfd1f9 100644 --- a/WEB-INF/src/org/cdlib/xtf/textIndexer/XMLTextProcessor.java +++ b/WEB-INF/src/org/cdlib/xtf/textIndexer/XMLTextProcessor.java @@ -1653,7 +1653,9 @@ private String processMetaAttribs(Attributes atts) buf.append(' '); String name = atts.getLocalName(i); String value = atts.getValue(i); - buf.append(name + "=\"" + mapXMLChars(value) + "\""); + buf.append(name).append("=\""); + escapeXml(value, buf, true); + buf.append("\""); } // for i // All done. @@ -2055,8 +2057,7 @@ public void flushCharacters() // Map special XML characters to entities, so we can tell the difference // between these and embedded XML in the meta-data. // - tmp = mapXMLChars(tmp); - metaBuf.append(tmp); + escapeXml(tmp, metaBuf, false); return; } @@ -2285,16 +2286,23 @@ public void flushCharacters() /** * Map special characters in XML to their entity equivalents. + * + * @param charSequence input text + * @param buf output buffer + * @param quot whether double-quotes also need escaping */ - private String mapXMLChars(String str) + private void escapeXml(CharSequence charSequence, StringBuffer buf, boolean quot) { - if (str.indexOf('&') >= 0) - str = str.replaceAll("&", "&"); - if (str.indexOf('<') >= 0) - str = str.replaceAll("<", "<"); - if (str.indexOf('>') >= 0) - str = str.replaceAll(">", ">"); - return str; + for (int i = 0; i < charSequence.length(); i++) { + char c = charSequence.charAt(i); + switch (c) { + case '<': buf.append("<"); break; + case '>': buf.append(">"); break; + case '&': buf.append("&"); break; + case '"': buf.append(quot ? """ : c); break; + default: buf.append(c); break; + } + } } //////////////////////////////////////////////////////////////////////////////