Skip to content

HTML-escaped characters in strings are unescaped when converting to XML elements #679

New issue
New issue
Closed
Closed
HTML-escaped characters in strings are unescaped when converting to XML elements#679
Labels
area/vropkgRelates to `vropkg` modulekind/bugSomething isn't workinglang/typescriptRelated to typescript codepriority/mediumtriage/acceptedThe issue was accepted and will be doneversion/patchThe change is a non-breaking bugfix
@bcpmihail

Description

@bcpmihail
bcpmihail
opened on Mar 28, 2025

Description

We have a JS vro project, containing the following action:

(function () {
    var Strings = function () {
        throw new Error("private constructor");
    };
    Strings.escapeHtml = function (str) {
        return str
            .replace(/&/g, "&")
            .replace(/\</g, "&lt;")
            .replace(/\>/g, "&gt;")
            .replace(/'/g, "&#39;")
            .replace(/"/g, "&quot;");
    };
    return Strings;
})

When used as a dependency in another JS vro project, in the copied Strings.js file in the target dependencies folder, the escapeHtml method is changed to:

Strings.escapeHtml = function (str) {
    return str
        .replace(/&/g, "&")
        .replace(/\</g, "<")
        .replace(/\>/g, ">")
        .replace(/'/g, "'")
        .replace(/"/g, """);
};

Causing the following error (shortened):

Error in beforeEach: C:\DEV\Github\pscoe.reusable-components.wl.nsx\target\vro-tests\dependencies\...\elements\...\Strings.js:226
[ERROR]         .replace(/"/g, """);
[ERROR]                        ^^

It seems that strings containing HTML-escaped characters are being "unescaped".

Steps to Reproduce

  1. In a JS project, add the Strings JS action above and build
  2. In another test JS project, use Strings in a JS action:
var Strings = System.getModule("first.test.project").Strings();
...
var escapedString= Strings.escapeHtml("sometString");
  1. Create a unit test for the action, placing the setup (fetching the action) in a try/catch block, outputting the stack of the error to the console.
  2. Build and run (mvn clean install) the (second) test project

Expected behavior: The (second) test project builds and tests pass successfully.

Actual behavior: There is an error for Strings.js

Reproduces how often: Always

Component/s: typescript/vropkg

Affects Build/s: [Which are the Build Tools for VMware Aria releases / builds affected by the issue]

Environment

Client

  • Build Tools for VMware Aria Version: 2.43.0
  • Visual Studio Code Version: 1.98.2
  • OS Version: Windows 11

Dependencies

Run: curl -o- https://raw.githubusercontent.com/vmware/build-tools-for-vmware-aria/main/health.sh | bash and paste the output here:
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2877 100 2877 0 0 7173 0 --:--:-- --:--:-- --:--:-- 7192
Starting VMware Aria Build Tools Checks...
Starting VMware Aria Build Tools Checks...
✔ Node.js version 22.14.0 is within the required range (22 - 22).
✔ Maven version 3.9.9 meets the minimum requirement (>= 3.9).
✔ Java version 17.0.11 is within the required range (17 - 21).
All checks passed successfully.

Server

  • vRealize Automation Version:
  • vRealize Orchestrator Version:
  • vRealize Operations Version:
  • vRealize Log Insight Version:

Failure Logs

Related issues and PRs

Additional Context

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/vropkgRelates to `vropkg` modulekind/bugSomething isn't workinglang/typescriptRelated to typescript codepriority/mediumtriage/acceptedThe issue was accepted and will be doneversion/patchThe change is a non-breaking bugfix

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions