Anonymous | Login | Signup for a new account | 01-05-2025 09:15 PST |
Main | My View | View Issues | Change Log | Docs |
Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | ||||||||
ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||
0001433 | [Resin] | major | always | 10-30-06 16:32 | 10-31-06 13:52 | ||||
Reporter | ccwf | View Status | public | ||||||
Assigned To | ferg | ||||||||
Priority | normal | Resolution | fixed | ||||||
Status | closed | Product Version | 3.0.22 | ||||||
Summary | 0001433: multiple bugs with EL expression output in JSP document template data | ||||||||
Description |
Using expressions like ${'C'}a b c d e and ${'}'}A B C in template text in JSP documents (.jspx file) results in miscompiled .java source files in the work directory which have an extra, garbage character being output at the end of the directive. The second example, a right curly brace inside a string literal exhibits an additional bug: an escaped quote is output before the right curly brace. The spec says that ${'}'} should just output the right curly brace. Finally, the results of the EL expressions in template text are XML-escaped, whereas the spec implies that they should be unescaped (and that <c:out> should be used to produce escaped text). These bugs only affect EL expressions in template data (outside of actions) in JSP documents, not JSP pages. |
||||||||
Additional Information |
I can't seem to attach the JSP document, so here it is: <?xml version="1.0"?> <jsp:root version="2.0" xmlns:jsp="http://java.sun.com/JSP/Page"> [^] <jsp:directive.page contentType="text/plain"/> <jsp:scriptlet> response.addHeader("Cache-control", "no-cache"); pageContext.setAttribute("testString", "-'-"); </jsp:scriptlet> Extra character at end: ${'string'}a b c d e<jsp:text> Extra character at end: ${'C'}1 2 3 4 5</jsp:text><jsp:text> Character escaped: ${testString}1 2 3 4 5</jsp:text><jsp:text> Extra characters before { and at end: ${'}'}A B C</jsp:text> </jsp:root> When run on my test system, it results in the following output: Extra character at end: stringa b c d ec Extra character at end: C1 2 3 4 5c Character escaped: -&0000039;-1 2 3 4 5 Extra characters before { and at end: &0000039;}A B C&0000034; |
||||||||
Attached Files | |||||||||
|
Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
35 total queries executed. 30 unique queries executed. |