Skip to content

Safer encoding #273

Merged
merged 2 commits into from
Feb 19, 2023
Merged

Safer encoding #273

merged 2 commits into from
Feb 19, 2023

Conversation

valentiay
Copy link
Contributor

@valentiay valentiay commented Feb 19, 2023
edited
Loading

Do not throw exceptions if illegal characters are encoded

Encoders for strings could throw exceptions if they were used to encode characters, that are not allowed in XML. This was confusing and unexpected behavior. Therefore now such characters are filtered out.

implicit val xmlEncoder: XmlEncoder[String] = XmlEncoder.fromElementEncoder[String]("string")
// Zero character is not allowed
xmlEncoder.encode("\u0000")
// Would throw, but now will output <string/>

Return either from encoding methods

⚠️ This breaks backwards compatibility

Encoders can still throw exceptions, for example, if element name is incorrect, like "1stElement". To handle such errors encoder methods now return Either, not pure values. To keep old behavior -Unsafe methods were added.

Do not throw in decoders

Decoder also could throw exceptions in some cases. Only parsing exceptions were handled. Now decoder can never throw exceptions.

@valentiay valentiay added this to the v0.19.3 milestone Feb 19, 2023
@valentiay valentiay merged commit 4330c3e into master Feb 19, 2023
@valentiay valentiay deleted the issue-273 branch February 19, 2023 11:48
@valentiay valentiay changed the title More secure encoding Safer encoding Feb 19, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v0.20.0
Development

Successfully merging this pull request may close these issues.
1 participant
@valentiay