Make ERC desktop notifications lenient to invalid XML characters

* lisp/xml.el (xml-invalid-characters-re): New constant. * lisp/erc/erc-desktop-notifications.el (erc-notifications-notify): Strip IRC control codes and invalid XML characters before notifying (bug#43328).
2020-09-13 16:49:00 +02:00 · 2020-09-13 16:49:00 +02:00 · 2bd41321a6
commit 2bd41321a6
parent def34a2076
2 changed files with 18 additions and 12 deletions
--- a/lisp/erc/erc-desktop-notifications.el
+++ b/lisp/erc/erc-desktop-notifications.el
@ -31,6 +31,7 @@
 (require 'erc)
 (require 'xml)
 (require 'notifications)
+(require 'erc-goodies)
 (require 'erc-match)
 (require 'dbus)

@ -62,12 +63,12 @@ This will replace the last notification sent with this function."
  ;; setting the current buffer to the existing query buffer)
  (dbus-ignore-errors
    (setq erc-notifications-last-notification
-          (let ((channel (if privp (erc-get-buffer nick) (current-buffer))))
+          (let* ((channel (if privp (erc-get-buffer nick) (current-buffer)))
+                 (title (format "%s in %s" (xml-escape-string nick t) channel))
+                 (body (xml-escape-string (erc-controls-strip msg) t)))
            (notifications-notify :bus erc-notifications-bus
-                                  :title (format "%s in %s"
-                                                 (xml-escape-string nick)
-                                                 channel)
-                                  :body (xml-escape-string msg)
+                                  :title title
+                                  :body body
                                  :replaces-id erc-notifications-last-notification
                                  :app-icon erc-notifications-icon
                                  :actions '("default" "Switch to buffer")
--- a/lisp/xml.el
+++ b/lisp/xml.el
@ -1015,7 +1015,10 @@ The first line is indented with the optional INDENT-STRING."

 (defalias 'xml-print 'xml-debug-print)

-(defun xml-escape-string (string)
+(defconst xml-invalid-characters-re
+  "[^\u0009\u000A\u000D\u0020-\uD7FF\uE000-\uFFFD\U00010000-\U0010FFFF]")
+
+(defun xml-escape-string (string &optional noerror)
  "Convert STRING into a string containing valid XML character data.
 Replace occurrences of &<>\\='\" in STRING with their default XML
 entity references (e.g., replace each & with &amp;).
@ -1026,15 +1029,17 @@ restriction on \" or \\=', but we just substitute for these too
 \(as is permitted by the spec).

 If STRING contains characters that are invalid in XML (as defined
-by https://www.w3.org/TR/xml/#charsets), signal an error of type
-`xml-invalid-character'."
+by https://www.w3.org/TR/xml/#charsets), operate depending on the
+value of NOERROR: if it is non-nil, remove them; else, signal an
+error of type `xml-invalid-character'."
  (with-temp-buffer
    (insert string)
    (goto-char (point-min))
-    (when (re-search-forward
-           "[^\u0009\u000A\u000D\u0020-\uD7FF\uE000-\uFFFD\U00010000-\U0010FFFF]"
-           nil t)
-      (signal 'xml-invalid-character (list (char-before) (match-beginning 0))))
+    (while (re-search-forward xml-invalid-characters-re nil t)
+      (if noerror
+          (replace-match "")
+        (signal 'xml-invalid-character
+                (list (char-before) (match-beginning 0)))))
    (dolist (substitution '(("&" . "&amp;")
 			    ("<" . "&lt;")
 			    (">" . "&gt;")