Test that user data passed to XML::Tags::to_xml_string is automatically escaped
(to protect against cross-side scripting attacks), and that mechanism to turned
automatic off escaping works.
This test can also serve as example on how to turn off autoescaping of user
data.
Signed-off-by: Jakub Narebski <jnareb@gmail.com>
<woo ent="$ent">;
}
-sub flaax {
- use XML::Tags qw(woo);
- my $data = "one&two<three>four";
- <woo>, $data, </woo>,
- <woo>, \$data, </woo>;
-}
+ sub flaax {
+ use XML::Tags qw(woo);
+ my $data = "one&two<three>four";
+ <woo>, $data, </woo>,
+ <woo>, \$data, </woo>;
+ }
sub globbery {
<t/globbery/*>;