From 0d15ca7240a1364fd54e4c20691421d44366e433 Mon Sep 17 00:00:00 2001
From: Yusuf Musleh <yusuf@opencraft.com>
Date: Fri, 15 Sep 2023 18:58:23 +0300
Subject: [PATCH] fix: Escape CDATA special char on xblock serialize (#33239)

This fixes a bug in xblock serialization when trying to copy a
unit/component that contains an HTML xblock with the characters "]]>"
which is a special character in CDATA.
---
 openedx/core/lib/xblock_serializer/block_serializer.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/openedx/core/lib/xblock_serializer/block_serializer.py b/openedx/core/lib/xblock_serializer/block_serializer.py
index 0fd3510058..b91ca1594c 100644
--- a/openedx/core/lib/xblock_serializer/block_serializer.py
+++ b/openedx/core/lib/xblock_serializer/block_serializer.py
@@ -112,7 +112,10 @@ class XBlockSerializer:
             olx_node.attrib["editor"] = block.editor
         if block.use_latex_compiler:
             olx_node.attrib["use_latex_compiler"] = "true"
-        olx_node.text = etree.CDATA("\n" + block.data + "\n")
+
+        # Escape any CDATA special chars
+        escaped_block_data = block.data.replace("]]>", "]]&gt;")
+        olx_node.text = etree.CDATA("\n" + escaped_block_data + "\n")
         return olx_node