Merge pull request #106 from sladage/issue-105

Fix for issue #105

src/writers/BaseWriter.ts

@@ -928,7 +928,7 @@ export abstract class BaseWriter<T extends BaseWriterOptions, U extends XMLSeria
      * 5. Replace any occurrences of ">" in markup by "&gt;".
      * 6. Return the value of markup.
      */
-    const markup = node.data.replace(/(?!&([^&;]*);)&/g, '&amp;')
+    const markup = node.data.replace(/(?!&([^&; ]*);)&/g, '&amp;')
       .replace(/</g, '&lt;')
       .replace(/>/g, '&gt;')
 
@@ -1597,7 +1597,7 @@ export abstract class BaseWriter<T extends BaseWriterOptions, U extends XMLSeria
      * grammar requirement in the XML specification's AttValue production by
      * also replacing ">" characters.
      */
-    return value.replace(/(?!&([^&;]*);)&/g, '&amp;')
+    return value.replace(/(?!&([^&; ]*);)&/g, '&amp;')
       .replace(/</g, '&lt;')
       .replace(/>/g, '&gt;')
       .replace(/"/g, '&quot;')

test/issues/issue-105.test.ts

@@ -0,0 +1,11 @@
+import $$ from "../TestHelpers";
+
+describe("Replicate issue", () => {
+  // https://github.com/oozcitak/xmlbuilder2/issues/90
+  test(`#105 - Illegal character does not get sanitized.`, () => {
+    const b = $$.create()
+    b.ele('doc').ele('test').txt('some & text; foo')
+    expect(b.end()).toBe($$.t`<?xml version="1.0"?><doc><test>some &amp; text; foo</test></doc>`);
+  })
+
+})