fix: strip illegal XML chars from rendered output#653
Merged
Conversation
Add XML 1.0 illegal-character sanitization to template rendering and core property rendering so control/noncharacter code points injected via context values no longer break DOCX XML parsing. The change uses a regex-based fast path and preserves valid XML whitespace controls. Also adds a regression test template/script covering body text, escaped content, header/footer, and core properties.
Update the illegal XML character regex to better match XML 1.0 constraints by covering the full DEL/C1 control range (`\x7f-\x9f`) and excluding UTF-16 surrogate code points (`\ud800-\udfff`). This prevents invalid characters from leaking into generated document XML.
fix: strip illegal XML chars from rendered output
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request improves the robustness of XML output by ensuring that any XML-1.0-illegal characters injected through context values are stripped from rendered output. This prevents document corruption due to invalid XML characters and adds a test to verify this behavior.
XML character sanitization:
_ILLEGAL_XML_CHARS_REand a helper function_strip_illegal_xml_charsto remove illegal XML-1.0 characters from rendered output, mirroring the approach used in other libraries like openpyxl._strip_illegal_xml_charsinrender_xml_partandrender_propertiesto sanitize all rendered XML strings and core properties before they are parsed or written, preventing any single bad character from corrupting the output.Testing:
tests/illegal_xml_chars.pyto verify that XML-1.0-illegal characters injected through context values are correctly stripped from all relevant parts of the document.