diff options
| author | xuri <xuri.me@gmail.com> | 2022-11-15 22:08:37 +0800 |
|---|---|---|
| committer | xuri <xuri.me@gmail.com> | 2022-11-15 22:08:37 +0800 |
| commit | 45d168c79d2d3f3d0dd6247e2b527f3007d84793 (patch) | |
| tree | 70d84647e84a8e04939e797b9ca7ceee008bf4a6 | |
| parent | ac564afa56a691e378ab9bb04cb14bb283886a16 (diff) | |
This closes #1391, escape XML characters to avoid with corrupt file
- Update and improve unit test coverage
| -rw-r--r-- | adjust.go | 8 | ||||
| -rw-r--r-- | cell.go | 5 | ||||
| -rw-r--r-- | stream_test.go | 18 |
3 files changed, 20 insertions, 11 deletions
@@ -279,16 +279,14 @@ func (f *File) adjustAutoFilter(ws *xlsxWorksheet, dir adjustDirection, num, off rowData.Hidden = false } } - return nil + return err } coordinates = f.adjustAutoFilterHelper(dir, coordinates, num, offset) x1, y1, x2, y2 = coordinates[0], coordinates[1], coordinates[2], coordinates[3] - if ws.AutoFilter.Ref, err = f.coordinatesToRangeRef([]int{x1, y1, x2, y2}); err != nil { - return err - } - return nil + ws.AutoFilter.Ref, err = f.coordinatesToRangeRef([]int{x1, y1, x2, y2}) + return err } // adjustAutoFilterHelper provides a function for adjusting auto filter to @@ -12,6 +12,7 @@ package excelize import ( + "bytes" "encoding/xml" "fmt" "os" @@ -490,7 +491,9 @@ func (c *xlsxC) setCellValue(val string) { // string. func (c *xlsxC) setInlineStr(val string) { c.T, c.V, c.IS = "inlineStr", "", &xlsxSI{T: &xlsxT{}} - c.IS.T.Val, c.IS.T.Space = trimCellValue(val) + buf := &bytes.Buffer{} + _ = xml.EscapeText(buf, []byte(val)) + c.IS.T.Val, c.IS.T.Space = trimCellValue(buf.String()) } // setStr set cell data type and value which containing a formula string. diff --git a/stream_test.go b/stream_test.go index dca06aa..925a6a7 100644 --- a/stream_test.go +++ b/stream_test.go @@ -58,11 +58,19 @@ func TestStreamWriter(t *testing.T) { // Test set cell with style and rich text. styleID, err := file.NewStyle(&Style{Font: &Font{Color: "#777777"}}) assert.NoError(t, err) - assert.NoError(t, streamWriter.SetRow("A4", []interface{}{Cell{StyleID: styleID}, Cell{Formula: "SUM(A10,B10)"}}, RowOpts{Height: 45, StyleID: styleID})) - assert.NoError(t, streamWriter.SetRow("A5", []interface{}{&Cell{StyleID: styleID, Value: "cell"}, &Cell{Formula: "SUM(A10,B10)"}, []RichTextRun{ - {Text: "Rich ", Font: &Font{Color: "2354e8"}}, - {Text: "Text", Font: &Font{Color: "e83723"}}, - }})) + assert.NoError(t, streamWriter.SetRow("A4", []interface{}{ + Cell{StyleID: styleID}, + Cell{Formula: "SUM(A10,B10)", Value: " preserve space "}, + }, + RowOpts{Height: 45, StyleID: styleID})) + assert.NoError(t, streamWriter.SetRow("A5", []interface{}{ + &Cell{StyleID: styleID, Value: "cell <>&'\""}, + &Cell{Formula: "SUM(A10,B10)"}, + []RichTextRun{ + {Text: "Rich ", Font: &Font{Color: "2354e8"}}, + {Text: "Text", Font: &Font{Color: "e83723"}}, + }, + })) assert.NoError(t, streamWriter.SetRow("A6", []interface{}{time.Now()})) assert.NoError(t, streamWriter.SetRow("A7", nil, RowOpts{Height: 20, Hidden: true, StyleID: styleID})) assert.EqualError(t, streamWriter.SetRow("A8", nil, RowOpts{Height: MaxRowHeight + 1}), ErrMaxRowHeight.Error()) |