xml serialization doesn't escape &

[justin2004]

$ cat query2.rq 
PREFIX wds: <http://www.wikidata.org/entity/statement/>
select * 
where {
  # wds:Q23-21309B07-59CA-4703-A191-D8CD4E7B3FBF ?p ?o .
wds:Q183-a03c757b-464a-b91f-f37f-b2207b057a66 ?p ?o .
}
$ curl -u USER:PASSWORD -X PUT "http://localhost:8080/basil" -H "X-Basil-Endpoint: https://query.wikidata.org/sparql" -T query2.rq

then hitting http://localhost:8080/basil/r1cvkhc78hfd/api in a browser:

This page contains the following errors:
error on line 18 at column 13: EntityRef: expecting ';'
Below is a rendering of the page up to the first error.
p o http://wikiba.se/ontology#rank http://wikiba.se/ontology#NormalRank http://www.w3.org/1999/02/22-rdf-syntax-ns#type http://wikiba.se/ontology#BestRank http://www.wikidata.org/prop/statement/P8988

because there is a & in the bindings that doesn't get escaped when serializing as xml so the xml isn't well-formed.

[enridaga]

Can you please paste the full source code of the response (including HTTP response headers)?

[justin2004]

sure.

$ curl -v -H 'Accept: application/xml' 'http://localhost:8080/basil/r1cvkhc78hfd/api' > out.xml
*   Trying 127.0.0.1:8080...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* Connected to localhost (127.0.0.1) port 8080 (#0)
> GET /basil/r1cvkhc78hfd/api HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.81.0
> Accept: application/xml
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Date: Mon, 18 Dec 2023 19:55:36 GMT
< X-Basil-Api: http://localhost:8080/basil/r1cvkhc78hfd/api
< X-Basil-Alias: http://localhost:8080/basil/r1cvkhc78hfd/alias
< X-Basil-Spec: http://localhost:8080/basil/r1cvkhc78hfd/spec
< X-Basil-Direct: http://localhost:8080/basil/r1cvkhc78hfd/direct
< X-Basil-View: http://localhost:8080/basil/r1cvkhc78hfd/view
< X-Basil-Docs: http://localhost:8080/basil/r1cvkhc78hfd/docs
< X-Basil-Swagger: http://localhost:8080/basil/r1cvkhc78hfd/api-docs
< X-Basil-Creator: penelope
< Content-Type: application/xml; charset=UTF-8
< Content-Length: 461
< Server: Jetty(9.4.51.v20230217)
< 
{ [461 bytes data]
100   461  100   461    0     0   2646      0 --:--:-- --:--:-- --:--:--  2664
* Connection #0 to host localhost left intact

$ xmllint out.xml 
out.xml:18: parser error : EntityRef: expecting ';'
                        <o>osm&id=276</o>
                                 ^

[justin2004]

instead of building the xml sparql bindings like this

i wonder if we could jena's xml sparql bindings serialization code? not by copying it but by invoking it, i mean. jena directly can handle this situation:

curl --silent 'http://localhost:3000/sparql.anything'  \
--header "Accept: application/xml" \
--data-urlencode 'query=
select * 
WHERE {
bind("100 & 200" as ?what)
}'

yields:

<?xml version="1.0"?>
<sparql xmlns="http://www.w3.org/2005/sparql-results#">
  <head>
    <variable name="what"/>
  </head>
  <results>
    <result> 
      <binding name="what">
        <literal>100 &amp; 200</literal>
      </binding> 
    </result>
  </results>
</sparql>

notice the & escape

[enridaga]

Indeed, I can't remember the reason why that was implemented this way...

[enridaga]

I added a fix in 99b4fff let me know if this solves your problem.

[justin2004]

works now. thanks!