add comments about XML 1.0/1.1 C0 control character handling
diff --git a/src/main/java/org/apache/maven/shared/utils/xml/XMLEncode.java b/src/main/java/org/apache/maven/shared/utils/xml/XMLEncode.java index 18e9a5c..60fa65d 100644 --- a/src/main/java/org/apache/maven/shared/utils/xml/XMLEncode.java +++ b/src/main/java/org/apache/maven/shared/utils/xml/XMLEncode.java
@@ -109,6 +109,12 @@ break; default: + // C0 control characters (except tab, LF, CR) are encoded + // as numeric character references. This produces valid + // XML 1.1 but is not valid XML 1.0 (which forbids these + // characters in any form). Callers that require strict + // XML 1.0 compliance should strip these characters before + // encoding. if (c < 0x20 && c != 0x09 && c != 0x0A && c != 0x0D) { n.append("&#x"); n.append(Integer.toHexString(c)); @@ -141,6 +147,12 @@ /** * Checks if this text needs encoding in order to be represented in XML. + * Note: C0 control characters (U+0000-U+001F except tab, LF, CR) are + * classified as needing encoding, but encoding them as numeric character + * references produces output that is not valid XML 1.0 (which forbids + * these characters outright in any form). The encoded output is valid + * XML 1.1. Callers that require strict XML 1.0 compliance should strip + * these characters before encoding. */ private static boolean needsEncoding(String text) { if (text == null) {