Expand description
XML character escaping helpers.
escape_text and escape_attr are intentionally separate even though
both currently delegate to quick_xml::escape::escape (which handles all
five XML special characters). Keeping them distinct lets callers
communicate intent, and leaves room to differentiate behaviour in the
future (e.g. skipping " / ' in text-only contexts for smaller output).
§Decision: detail escaping
SoapFault::detail is always treated as plain text in this codebase.
All call sites in soap-server construct detail from internal error messages
or static strings; none embed pre-formed XML markup. Therefore detail
content is escaped with escape_text just like reason. If a future
caller needs to embed literal XML in a fault detail element it must
construct a SoapFault whose detail field already contains the correct
escaped representation, or it must supply the literal XML via a wrapper
element and bypass this helper.
Functions§
- escape_
attr - Escape a string for use in an XML attribute value (
&,<,>,",'). - escape_
text - Escape a string for use in XML text content (
&,<,>,",').