Bug 1279842 - Explicitly escape markup instead of using generic HTML escape function. r?m_kato
MozReview-Commit-ID: 2vk8lffmDh4
--- a/dom/media/webspeech/synth/windows/SapiService.cpp
+++ b/dom/media/webspeech/synth/windows/SapiService.cpp
@@ -369,23 +369,32 @@ SapiService::Speak(const nsAString& aTex
// Set the pitch using xml
nsAutoString xml;
xml.AssignLiteral("<pitch absmiddle=\"");
// absmiddle doesn't allow float type
xml.AppendInt(static_cast<int32_t>(aPitch * 10.0f - 10.0f));
xml.AppendLiteral("\">");
uint32_t textOffset = xml.Length();
- const char16_t* escapedText =
- nsEscapeHTML2(aText.BeginReading(), aText.Length());
- if (!escapedText) {
- return NS_ERROR_OUT_OF_MEMORY;
+ for (size_t i = 0; i < aText.Length(); i++) {
+ switch (aText[i]) {
+ case '&':
+ xml.AppendLiteral("&");
+ break;
+ case '<':
+ xml.AppendLiteral("<");
+ break;
+ case '>':
+ xml.AppendLiteral(">");
+ break;
+ default:
+ xml.Append(aText[i]);
+ break;
+ }
}
- xml.Append(escapedText);
- free((void*)escapedText);
xml.AppendLiteral("</pitch>");
RefPtr<SapiCallback> callback =
new SapiCallback(aTask, spVoice, textOffset, aText.Length());
// The last three parameters doesn't matter for an indirect service
nsresult rv = aTask->Setup(callback, 0, 0, 0);