Validate JATS input before parsing in Crossref path; fix double-escaped attributes in write_jats_content

Author: ja573

thoth-api/src/markup/mod.rs

@@ -392,6 +392,7 @@ pub fn convert_to_jats(
 /// normalise stored abstract-like markup into the subset we safely emit to Crossref.
 pub fn normalise_crossref_abstract_jats(content: &str) -> ThothResult<String> {
     let ast = if looks_like_markup(content) {
+        validate_jats_subset(content, ConversionLimit::Abstract)?;
         jats_to_ast(content)
     } else {
         plain_text_to_ast(content)
@@ -792,10 +793,16 @@ mod tests {
     }
 
     #[test]
-    fn test_normalise_crossref_abstract_jats_splits_breaks_and_removes_empty_paragraphs() {
-        let input = "<p></p><p>First line<break/>Second line</p>";
+    fn test_normalise_crossref_abstract_jats_removes_empty_paragraphs() {
+        let input = "<p></p><p>First line</p>";
         let output = normalise_crossref_abstract_jats(input).unwrap();
-        assert_eq!(output, "<p>First line</p><p>Second line</p>");
+        assert_eq!(output, "<p>First line</p>");
+    }
+
+    #[test]
+    fn test_normalise_crossref_abstract_jats_rejects_break_elements() {
+        let input = "<p>First line<break/>Second line</p>";
+        assert!(normalise_crossref_abstract_jats(input).is_err());
     }
 
     #[test]
@@ -804,6 +811,32 @@ mod tests {
         let output = normalise_crossref_abstract_jats(input).unwrap();
         assert_eq!(output, "<p>This has <bold>bold</bold> text.</p>");
     }
+
+    #[test]
+    fn test_normalise_crossref_abstract_jats_preserves_existing_entities_once() {
+        let input = "<p>x &amp; y &lt; z &gt; w</p>";
+        let output = normalise_crossref_abstract_jats(input).unwrap();
+        assert_eq!(output, "<p>x &amp; y &lt; z &gt; w</p>");
+    }
+
+    #[test]
+    fn test_normalise_crossref_abstract_jats_rejects_malformed_mixed_markup() {
+        let input = "<p>Range 1 < 2 and <italic>styled</italic></p>";
+        assert!(normalise_crossref_abstract_jats(input).is_err());
+    }
+
+    #[test]
+    fn test_markdown_abstract_escapes_reserved_xml_chars() {
+        let input = "x < y & z > w";
+        let output = convert_to_jats(
+            input.to_string(),
+            MarkupFormat::Markdown,
+            ConversionLimit::Abstract,
+        )
+        .unwrap();
+
+        assert_eq!(output, "<p>x &lt; y &amp; z &gt; w</p>");
+    }
     // --- convert_to_jats tests end   ---
 
     // --- convert_from_jats tests start   ---

thoth-export-server/src/xml/doideposit_crossref.rs

@@ -325,16 +325,31 @@ fn write_jats_content<W: Write>(content: &str, w: &mut EventWriter<W>) -> ThothR
                 let mut event_builder = XmlEvent::start_element(&*name);
 
                 // Add attributes
-                let attrs: Vec<(String, String)> = e
+                let attrs: ThothResult<Vec<(String, String)>> = e
                     .attributes()
-                    .flatten()
                     .map(|attr| {
-                        (
+                        let attr = attr.map_err(|err| {
+                            ThothError::InternalError(format!(
+                                "Error parsing JATS content attributes: {}",
+                                err
+                            ))
+                        })?;
+                        let value = attr
+                            .decode_and_unescape_value(reader.decoder())
+                            .map_err(|err| {
+                                ThothError::InternalError(format!(
+                                    "Error decoding JATS content attributes: {}",
+                                    err
+                                ))
+                            })?
+                            .into_owned();
+                        Ok((
                             String::from_utf8_lossy(attr.key.as_ref()).to_string(),
-                            String::from_utf8_lossy(&attr.value).to_string(),
-                        )
+                            value,
+                        ))
                     })
                     .collect();
+                let attrs = attrs?;
 
                 for (key, value) in &attrs {
                     event_builder = event_builder.attr(key.as_str(), value.as_str());
@@ -357,16 +372,31 @@ fn write_jats_content<W: Write>(content: &str, w: &mut EventWriter<W>) -> ThothR
                 let mut event_builder = XmlEvent::start_element(&*name);
 
                 // Add attributes
-                let attrs: Vec<(String, String)> = e
+                let attrs: ThothResult<Vec<(String, String)>> = e
                     .attributes()
-                    .flatten()
                     .map(|attr| {
-                        (
+                        let attr = attr.map_err(|err| {
+                            ThothError::InternalError(format!(
+                                "Error parsing JATS content attributes: {}",
+                                err
+                            ))
+                        })?;
+                        let value = attr
+                            .decode_and_unescape_value(reader.decoder())
+                            .map_err(|err| {
+                                ThothError::InternalError(format!(
+                                    "Error decoding JATS content attributes: {}",
+                                    err
+                                ))
+                            })?
+                            .into_owned();
+                        Ok((
                             String::from_utf8_lossy(attr.key.as_ref()).to_string(),
-                            String::from_utf8_lossy(&attr.value).to_string(),
-                        )
+                            value,
+                        ))
                     })
                     .collect();
+                let attrs = attrs?;
 
                 for (key, value) in &attrs {
                     event_builder = event_builder.attr(key.as_str(), value.as_str());
@@ -2487,7 +2517,7 @@ mod tests {
         // Should not contain any paragraph elements
         assert!(!output.contains(r#"<jats:p>"#));
 
-        // Nested paragraph wrappers should be flattened before writing.
+        // Nested paragraph wrappers are invalid JATS and should be rejected.
         let mut buffer = Vec::new();
         let mut writer = xml::writer::EmitterConfig::new()
             .perform_indent(true)
@@ -2500,13 +2530,9 @@ mod tests {
             &mut writer,
         );
 
-        assert!(result.is_ok());
-        let output = String::from_utf8(buffer).unwrap();
-        assert!(output.contains(r#"<jats:p>Nested paragraph.</jats:p>"#));
-        assert!(!output.contains(r#"<jats:p><jats:p>"#));
-        assert!(!output.contains(r#"<jats:p />"#));
+        assert!(result.is_err());
 
-        // Break elements should be converted into sibling paragraphs.
+        // Break elements are invalid JATS and should be rejected.
         let mut buffer = Vec::new();
         let mut writer = xml::writer::EmitterConfig::new()
             .perform_indent(true)
@@ -2519,11 +2545,7 @@ mod tests {
             &mut writer,
         );
 
-        assert!(result.is_ok());
-        let output = String::from_utf8(buffer).unwrap();
-        assert!(output.contains(r#"<jats:p>First line</jats:p>"#));
-        assert!(output.contains(r#"<jats:p>Second line</jats:p>"#));
-        assert!(!output.contains(r#"<jats:break"#));
+        assert!(result.is_err());
 
         // Locale codes written to xml:lang should use BCP 47 hyphen separators.
         let mut buffer = Vec::new();
@@ -2563,6 +2585,32 @@ mod tests {
         assert!(error.contains("Invalid Crossref abstract markup"));
     }
 
+    #[test]
+    fn test_write_abstract_content_with_locale_code_escapes_link_attributes_once() {
+        let mut buffer = Vec::new();
+        let mut writer = xml::writer::EmitterConfig::new()
+            .perform_indent(true)
+            .create_writer(&mut buffer);
+
+        let result = write_abstract_content_with_locale_code(
+            r#"<p><ext-link xlink:href="https://example.org?a=1&amp;b=2&amp;quote=&quot;hi&quot;&amp;apos=&apos;ok&apos;">link</ext-link></p>"#,
+            "long",
+            "EN",
+            &mut writer,
+        );
+
+        assert!(result.is_ok());
+        let output = String::from_utf8(buffer).unwrap();
+        assert!(
+            output.contains(
+                r#"<jats:ext-link xlink:href="https://example.org?a=1&amp;b=2&amp;quote=&quot;hi&quot;&amp;apos=&apos;ok&apos;">link</jats:ext-link>"#
+            )
+        );
+        assert!(!output.contains("&amp;amp;"));
+        assert!(!output.contains("&amp;quot;"));
+        assert!(!output.contains("&amp;apos;"));
+    }
+
     #[test]
     // Crossref previously limited the number of ISBNs that could be included in a deposit file to 6,
     // but this has now been increased in schema version 5.4.0 to 100 (which will never become relevant).