|
Mantis - Resin
|
|||||
| Viewing Issue Advanced Details | |||||
|
|
|||||
| ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
| 3976 | minor | always | 03-31-10 12:52 | 04-02-10 12:19 | |
|
|
|||||
| Reporter: | ferg | Platform: | |||
| Assigned To: | ferg | OS: | |||
| Priority: | normal | OS Version: | |||
| Status: | closed | Product Version: | |||
| Product Build: | Resolution: | fixed | |||
| Projection: | none | ||||
| ETA: | none | Fixed in Version: | 4.0.6 | ||
|
|
|||||
| Summary: | 0003976: jsp:param behavior change in 4.0.5 | ||||
| Description: |
(rep by Aaron Freeman) We are experiencing a fundamental change in how data is being passed as a jsp:param between 3.0.22 and 4.0.5. We need to know if this change is intentional as it has a work-heavy impact on converting our code base over which currently relies on the behavior of 3.0.x. It appears that a call to jsp:include was automatically URL decoding any strings that were passed in, and that that behavior has changed. I have included source to two files that will demonstrate the behavior change (in case it's not intentional). And here are the results of running it: ---- on resin-pro-3.0.22 ---- URL encoded before pass to jsp:include: Test%3A+1+%3C+2+and+width%3D%22100%25%22+and+ampersand%3D%26. Test: 1 < 2 and width="100ďand ampersand= Here it is as seen inside of test-process.jsp: Test: 1 < 2 and width="100%" and ampersand=&. ---- on resin-pro-4.0.5 ---- URL encoded before pass to jsp:include: Test%3A+1+%3C+2+and+width%3D%22100%25%22+and+ampersand%3D%26. Test: 1 < 2 and width="100ďand ampersand= Here it is as seen inside of test-process.jsp: Test:+1+<+2+and+width="100%"+and+ampersand=&. <%----- BEGIN test.jsp -----%> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" [^] prefix="c" %> <%@ taglib uri="http://www.sendthisfile.com/taglib/httputil" [^] prefix="httputil" %> <c:if test="${!empty param.textarea}"> textarea param exists: ${param.textarea} <c:set var="textareaUrlEncodedBefore" value="${httputil:urlEncode(param.textarea)}"/> URL encoded before pass to jsp:include: ${textareaUrlEncodedBefore} </c:if> <%-- Set some requestscope variable in test.jsp --%> <jsp:include page="/test-process.jsp"> <jsp:param name="textarea" value="${param.textarea}"/> <jsp:param name="textareaUrlEncoded" value="${textareaUrlEncodedBefore}"/> </jsp:include> <form action="/test.jsp"> <textarea name="textarea">${requestScope.processedTextarea}</textarea> <input type="submit"></input> </form> <c:if test="${!empty requestScope.urlEncoded}"> Here it is as seen inside of test-process.jsp: ${requestScope.urlEncoded} </c:if> <%----- END test.jsp -----%> <%----- BEGIN test-process.jsp -----%> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" [^] prefix="c" %> <c:choose> <c:when test="${empty param.textarea}"> <c:set var="processedTextarea" scope="request">Test: 1 < 2 and width="100%" and ampersand=&.</c:set> </c:when> <c:otherwise> <c:set var="processedTextarea" scope="request">${param.textarea}</c:set> </c:otherwise> </c:choose> <c:set var="urlEncoded" scope="request">${param.textareaUrlEncoded}</c:set> <%----- END test-process.jsp -----%> Thanks for your thoughts on this, |
||||
| Steps To Reproduce: | |||||
| Additional Information: | |||||
| Relationships | |||||
| Attached Files: | |||||
| Notes | |||||
|
|
|||||
|
|
||||