Author: markt
Date: Tue Sep 22 08:56:51 2015
New Revision: 1704486
URL: http://svn.apache.org/viewvc?rev=1704486&view=rev
Log:
Correct regression in previous fix for
https://bz.apache.org/bugzilla/show_bug.cgi?id=57136
\$ should be an escape for $ in JSP.
\${ should be an escape for ${ only in EL.
EL rules only apply within an EL expression. The JSP rules apply everywhere
else up to and including the ${...} surrounding the expression.
Modified:
tomcat/tc8.0.x/trunk/ (props changed)
tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/AttributeParser.java
tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/ELParser.java
tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/JspDocumentParser.java
tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/JspReader.java
tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/Parser.java
tomcat/tc8.0.x/trunk/test/org/apache/el/TestELInJsp.java
tomcat/tc8.0.x/trunk/test/org/apache/jasper/compiler/TestAttributeParser.java
tomcat/tc8.0.x/trunk/test/org/apache/jasper/compiler/TestELParser.java
tomcat/tc8.0.x/trunk/test/org/apache/jasper/compiler/TestParser.java
tomcat/tc8.0.x/trunk/test/webapp/bug45nnn/bug45427.jsp
tomcat/tc8.0.x/trunk/test/webapp/bug45nnn/bug45451.jspf
tomcat/tc8.0.x/trunk/test/webapp/bug45nnn/bug45451a.jsp
tomcat/tc8.0.x/trunk/test/webapp/el-method.jsp
tomcat/tc8.0.x/trunk/test/webapp/el-misc.jsp
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc8.0.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Tue Sep 22 08:56:51 2015
@@ -1 +1 @@
-/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886,1644890,1644892
,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,1655558,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657592,1657607,1657609,1657
682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1666387,1666494,1666496,1666552,1666569,1666579,1666637,1
666649,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-1684527,1684549-1684550,1685556,1685591,1685739,1685744,1685772,168581
6,1685826,1685891,1687242,1687261,1687268,1687340,1688563,1688841,1688878,1688885,1688896,1688901,1689345-1689346,1689357,1689656,1689675-1689677,1689679,1689687,1689825,1689856,1689918,1690011,1690021,1690054,1690080,1690209,1691134,1691487,1691813,1692744-1692747,1692849,1693088,1693105,1693429,1693461,1694058,1694111,1694290,1694501,1694548,1694658,1694660,1694788,1694872,1694878,1695006,1695354,1695371,1695459,1695582,1695706,1695778,1696199,1696272,1696280,1696366-1696368,1696378,1696390,1696392,1696467,1698212,1698220,1700607,1700870,1700896,1700977,1701093,1701123,1701213,1701607,1701666,1701673,1701760-1701761,1701765,1701940,1702183,1702246,1702250,1702268,1702313,1702531,1702630-1702635,1702637-1702638,1702640,1702647,1702660,1702662,1702665-1702666,1702668,1702671-1702673,1702675-1702676,1702680,1702722,1702778,1702795,1702862,1702881,1702886,1702910,1702923,1702971,1702984,1703024,1703040,1703044,1703049-1703050,1703143,1703146,1703151,1703160,1703164,1703167,1703174,170
3192,1703287,1703290,1703358,1703408,1703486,1703509,1703523,1703542,1703545,1703554,1703584,1703673,1703676,1703678,1703680,1703763,1703784,1703821,1703842,1703849,1703851,1703853,1703856,1703860,1703865,1703890,1703948,1704149,1704151,1704251,1704278,1704289,1704302,1704305,1704307,1704318,1704331
+/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886,1644890,1644892
,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,1655558,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657592,1657607,1657609,1657
682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1666387,1666494,1666496,1666552,1666569,1666579,1666637,1
666649,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-1684527,1684549-1684550,1685556,1685591,1685739,1685744,1685772,168581
6,1685826,1685891,1687242,1687261,1687268,1687340,1688563,1688841,1688878,1688885,1688896,1688901,1689345-1689346,1689357,1689656,1689675-1689677,1689679,1689687,1689825,1689856,1689918,1690011,1690021,1690054,1690080,1690209,1691134,1691487,1691813,1692744-1692747,1692849,1693088,1693105,1693429,1693461,1694058,1694111,1694290,1694501,1694548,1694658,1694660,1694788,1694872,1694878,1695006,1695354,1695371,1695459,1695582,1695706,1695778,1696199,1696272,1696280,1696366-1696368,1696378,1696390,1696392,1696467,1698212,1698220,1700607,1700870,1700896,1700977,1701093,1701123,1701213,1701607,1701666,1701673,1701760-1701761,1701765,1701940,1702183,1702244,1702246,1702250,1702268,1702313,1702531,1702630-1702635,1702637-1702638,1702640,1702647,1702660,1702662,1702665-1702666,1702668,1702671-1702673,1702675-1702676,1702680,1702722,1702778,1702795,1702862,1702881,1702886,1702910,1702923,1702971,1702984,1703024,1703040,1703044,1703049-1703050,1703143,1703146,1703151,1703160,1703164,1703167,170
3174,1703192,1703287,1703290,1703358,1703408,1703486,1703509,1703523,1703542,1703545,1703554,1703584,1703673,1703676,1703678,1703680,1703763,1703784,1703821,1703842,1703849,1703851,1703853,1703856,1703860,1703865,1703890,1703948,1704149,1704151,1704251,1704278,1704289,1704302,1704305,1704307,1704318,1704331
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/AttributeParser.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/AttributeParser.java?rev=1704486&r1=1704485&r2=1704486&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/AttributeParser.java
(original)
+++ tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/AttributeParser.java
Tue Sep 22 08:56:51 2015
@@ -202,11 +202,11 @@ public class AttributeParser {
}
/*
- * For EL need to unquote everything but no need to convert anything. The
- * EL is terminated by '}'. The only other valid location for '}' is inside
- * a StringLiteral. The literals are delimited by '\'' or '\"'. The only
- * other valid location for '\'' or '\"' is also inside a StringLiteral. A
- * quote character inside a StringLiteral must be escaped if the same quote
+ * Once inside EL, no need to unquote or convert anything. The EL is
+ * terminated by '}'. The only other valid location for '}' is inside a
+ * StringLiteral. The literals are delimited by '\'' or '\"'. The only
other
+ * valid location for '\'' or '\"' is also inside a StringLiteral. A quote
+ * character inside a StringLiteral must be escaped if the same quote
* character is used to delimit the StringLiteral.
*/
private void parseEL() {
@@ -214,7 +214,7 @@ public class AttributeParser {
boolean insideLiteral = false;
char literalQuote = 0;
while (i < size && !endEL) {
- char ch = nextChar();
+ char ch = input.charAt(i++);
if (ch == '\'' || ch == '\"') {
if (insideLiteral) {
if (literalQuote == ch) {
@@ -228,7 +228,7 @@ public class AttributeParser {
} else if (ch == '\\') {
result.append(ch);
if (insideLiteral && size < i) {
- ch = nextChar();
+ ch = input.charAt(i++);
result.append(ch);
}
} else if (ch == '}') {
Modified: tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/ELParser.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/ELParser.java?rev=1704486&r1=1704485&r2=1704486&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/ELParser.java
(original)
+++ tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/ELParser.java Tue Sep
22 08:56:51 2015
@@ -205,11 +205,9 @@ public class ELParser {
while (hasNextChar()) {
char ch = nextChar();
if (ch == '\\') {
- // Is this the start of a "\${" or "\#{" escape sequence?
+ // Is this the start of a "\$" or "\#" escape sequence?
char p0 = peek(0);
- char p1 = peek(1);
- if ((p0 == '$' || (p0 == '#' &&
!isDeferredSyntaxAllowedAsLiteral)) && p1 == '{') {
- buf.append(nextChar());
+ if (p0 == '$' || (p0 == '#' &&
!isDeferredSyntaxAllowedAsLiteral)) {
buf.append(nextChar());
} else {
buf.append(ch);
@@ -229,7 +227,8 @@ public class ELParser {
/**
* Escape '$' and '#', inverting the unescaping performed in
- * {@link #skipUntilEL()}.
+ * {@link #skipUntilEL()} but only for ${ and #{ sequences since escaping
+ * for $ and # is optional.
*
* @param input Non-EL input to be escaped
* @param isDeferredSyntaxAllowedAsLiteral
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/JspDocumentParser.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/JspDocumentParser.java?rev=1704486&r1=1704485&r2=1704486&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/JspDocumentParser.java
(original)
+++ tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/JspDocumentParser.java
Tue Sep 22 08:56:51 2015
@@ -605,11 +605,7 @@ class JspDocumentParser
lastCh = ch;
}
} else if (lastCh == '\\' && (ch == '$' || ch == '#')) {
- if (i + 1 < charBuffer.length() && charBuffer.charAt(i +
1) == '{') {
- if (pageInfo.isELIgnored()) {
- ttext.write('\\');
- }
- } else {
+ if (pageInfo.isELIgnored()) {
ttext.write('\\');
}
ttext.write(ch);
Modified: tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/JspReader.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/JspReader.java?rev=1704486&r1=1704485&r2=1704486&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/JspReader.java
(original)
+++ tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/JspReader.java Tue Sep
22 08:56:51 2015
@@ -436,15 +436,17 @@ class JspReader {
/**
* Skip until the given string is matched in the stream, but ignoring
- * chars initially escaped by a '\'.
+ * chars initially escaped by a '\' and any EL expressions.
* When returned, the context is positioned past the end of the match.
*
* @param s The String to match.
+ * @param ignoreEL <code>true</code> if something that looks like EL should
+ * not be treated as EL.
* @return A non-null <code>Mark</code> instance (positioned immediately
* before the search string) if found, <strong>null</strong>
* otherwise.
*/
- Mark skipUntilIgnoreEsc(String limit) {
+ Mark skipUntilIgnoreEsc(String limit, boolean ignoreEL) {
Mark ret = mark();
int limlen = limit.length();
int ch;
@@ -454,6 +456,12 @@ class JspReader {
for (ch = nextChar(ret) ; ch != -1 ; prev = ch, ch = nextChar(ret)) {
if (ch == '\\' && prev == '\\') {
ch = 0; // Double \ is not an escape char
anymore
+ } else if (prev == '\\') {
+ continue;
+ } else if (!ignoreEL && (ch == '$' || ch == '#') && peekChar() ==
'{' ) {
+ // Move beyond the '{'
+ nextChar();
+ skipELExpression();
} else if (ch == firstChar && prev != '\\') {
for (int i = 1 ; i < limlen ; i++) {
if (peekChar() == limit.charAt(i))
Modified: tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/Parser.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/Parser.java?rev=1704486&r1=1704485&r2=1704486&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/Parser.java (original)
+++ tomcat/tc8.0.x/trunk/java/org/apache/jasper/compiler/Parser.java Tue Sep 22
08:56:51 2015
@@ -199,6 +199,8 @@ class Parser implements TagConstants {
if (qName == null)
return false;
+ boolean ignoreEL = pageInfo.isELIgnored();
+
// Determine prefix and local name components
String localName = qName;
String uri = "";
@@ -223,11 +225,14 @@ class Parser implements TagConstants {
err.jspError(reader.mark(), "jsp.error.attribute.noquote");
String watchString = "";
- if (reader.matches("<%="))
+ if (reader.matches("<%=")) {
watchString = "%>";
+ // Can't embed EL in a script expression
+ ignoreEL = true;
+ }
watchString = watchString + quote;
- String attrValue = parseAttributeValue(watchString);
+ String attrValue = parseAttributeValue(watchString, ignoreEL);
attrs.addAttribute(uri, localName, qName, "CDATA", attrValue);
return true;
}
@@ -258,9 +263,9 @@ class Parser implements TagConstants {
* RTAttributeValueDouble ::= ((QuotedChar - '"')* -
((QuotedChar-'"')'%>"')
* ('%>"' | TRANSLATION_ERROR)
*/
- private String parseAttributeValue(String watch) throws JasperException {
+ private String parseAttributeValue(String watch, boolean ignoreEL) throws
JasperException {
Mark start = reader.mark();
- Mark stop = reader.skipUntilIgnoreEsc(watch);
+ Mark stop = reader.skipUntilIgnoreEsc(watch, ignoreEL);
if (stop == null) {
err.jspError(start, "jsp.error.attribute.unterminated", watch);
}
@@ -1275,7 +1280,11 @@ class Parser implements TagConstants {
/*
* Parse for a template text string until '<' or "${" or "#{" is
encountered,
- * recognizing escape sequences "<\%", "\${", and "\#{".
+ * recognizing escape sequences "<\%", "\$", and "\#".
+ *
+ * Note: JSP uses '\$' as an escape for '$' and '\#' for '#' whereas EL
uses
+ * '\${' for '${' and '\#{' for '#{'. We are processing JSP template
+ * test here so the JSP escapes apply.
*/
private void parseTemplateText(Node parent) {
@@ -1304,13 +1313,7 @@ class Parser implements TagConstants {
} else if (ch == '\\' && !pageInfo.isELIgnored()) {
int next = reader.peekChar(0);
if (next == '$' || next == '#') {
- if (reader.peekChar(1) == '{') {
- ttext.write(reader.nextChar());
- ttext.write(reader.nextChar());
- } else {
- ttext.write(ch);
- ttext.write(reader.nextChar());
- }
+ ttext.write(reader.nextChar());
} else {
ttext.write(ch);
}
@@ -1362,10 +1365,7 @@ class Parser implements TagConstants {
} else if (ch == '\\') {
int next = reader.peekChar(0);
if (next == '$' || next =='#') {
- if (reader.peekChar(1) == '{') {
- ttext.write(reader.nextChar());
- ttext.write(reader.nextChar());
- }
+ ttext.write(reader.nextChar());
} else {
ttext.write('\\');
}
Modified: tomcat/tc8.0.x/trunk/test/org/apache/el/TestELInJsp.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/test/org/apache/el/TestELInJsp.java?rev=1704486&r1=1704485&r2=1704486&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/test/org/apache/el/TestELInJsp.java (original)
+++ tomcat/tc8.0.x/trunk/test/org/apache/el/TestELInJsp.java Tue Sep 22
08:56:51 2015
@@ -93,21 +93,19 @@ public class TestELInJsp extends TomcatB
assertEcho(result, "00-hello world");
assertEcho(result, "01-hello 'world");
assertEcho(result, "02-hello \"world");
- assertEcho(result, "03-hello world");
- assertEcho(result, "04-hello 'world");
- assertEcho(result, "05-hello \"world");
- assertEcho(result, "06-hello world");
- assertEcho(result, "07-hello 'world");
- assertEcho(result, "08-hello \"world");
- assertEcho(result, "09-hello world");
- assertEcho(result, "10-hello 'world");
+ assertEcho(result, "03-hello \"world");
+ assertEcho(result, "04-hello world");
+ assertEcho(result, "05-hello 'world");
+ assertEcho(result, "06-hello 'world");
+ assertEcho(result, "07-hello \"world");
+ assertEcho(result, "08-hello world");
+ assertEcho(result, "09-hello 'world");
+ assertEcho(result, "10-hello \"world");
assertEcho(result, "11-hello \"world");
assertEcho(result, "12-hello world");
assertEcho(result, "13-hello 'world");
- assertEcho(result, "14-hello \"world");
- assertEcho(result, "15-hello world");
- assertEcho(result, "16-hello 'world");
- assertEcho(result, "17-hello \"world");
+ assertEcho(result, "14-hello 'world");
+ assertEcho(result, "15-hello \"world");
}
@Test
@@ -121,8 +119,6 @@ public class TestELInJsp extends TomcatB
// Warning: JSP attribute escaping != Java String escaping
assertEcho(result, "00-\\'hello world\\'");
assertEcho(result, "01-\\'hello world\\'");
- assertEcho(result, "02-\\'hello world\\'");
- assertEcho(result, "03-\\'hello world\\'");
res = getUrl("http://localhost:"; + getPort() +
"/test/bug45nnn/bug45451b.jsp");
result = res.toString();
@@ -133,18 +129,25 @@ public class TestELInJsp extends TomcatB
assertEcho(result, "01-${1+1}");
assertEcho(result, "02-\\${1+1}");
assertEcho(result, "03-\\\\${1+1}");
- assertEcho(result, "04-\\$500");
+ assertEcho(result, "04-$500");
+ // Inside an EL literal '\' is only used to escape '\', ''' and '"'
+ assertEcho(result, "05-\\$");
+ assertEcho(result, "06-\\${");
assertEcho(result, "10-2");
assertEcho(result, "11-${1+1}");
assertEcho(result, "12-\\2");
assertEcho(result, "13-\\${1+1}");
assertEcho(result, "14-\\\\2");
- assertEcho(result, "15-\\$500");
+ assertEcho(result, "15-$500");
+ assertEcho(result, "16-\\$");
+ assertEcho(result, "17-\\${");
assertEcho(result, "20-2");
assertEcho(result, "21-#{1+1}");
assertEcho(result, "22-\\2");
assertEcho(result, "23-\\#{1+1}");
assertEcho(result, "24-\\\\2");
+ assertEcho(result, "25-\\#");
+ assertEcho(result, "26-\\#{");
res = getUrl("http://localhost:"; + getPort() +
"/test/bug45nnn/bug45451c.jsp");
result = res.toString();
@@ -176,13 +179,13 @@ public class TestELInJsp extends TomcatB
assertEcho(result, "01-${1+1}");
assertEcho(result, "02-\\${1+1}");
assertEcho(result, "03-\\\\${1+1}");
- assertEcho(result, "04-\\$500");
+ assertEcho(result, "04-$500");
assertEcho(result, "10-2");
assertEcho(result, "11-${1+1}");
assertEcho(result, "12-\\${1+1}");
assertEcho(result, "13-\\\\${1+1}");
assertEcho(result, "14-\\\\\\${1+1}");
- assertEcho(result, "15-\\$500");
+ assertEcho(result, "15-$500");
assertEcho(result, "20-2");
assertEcho(result, "21-#{1+1}");
assertEcho(result, "22-\\#{1+1}");
@@ -198,13 +201,13 @@ public class TestELInJsp extends TomcatB
assertEcho(result, "01-${1+1}");
assertEcho(result, "02-\\${1+1}");
assertEcho(result, "03-\\\\${1+1}");
- assertEcho(result, "04-\\$500");
+ assertEcho(result, "04-$500");
assertEcho(result, "10-2");
assertEcho(result, "11-${1+1}");
assertEcho(result, "12-\\2");
assertEcho(result, "13-\\${1+1}");
assertEcho(result, "14-\\\\2");
- assertEcho(result, "15-\\$500");
+ assertEcho(result, "15-$500");
assertEcho(result, "20-#{1+1}");
assertEcho(result, "21-\\#{1+1}");
assertEcho(result, "22-\\#{1+1}");
@@ -303,13 +306,13 @@ public class TestELInJsp extends TomcatB
assertEcho(result, "08-a2z");
assertEcho(result, "09-az2");
assertEcho(result, "10-${'foo'}bar");
- assertEcho(result, "11-\"}");
+ assertEcho(result, "11-\\\"}");
assertEcho(result, "12-foo\\bar\\baz");
assertEcho(result, "13-foo\\bar\\baz");
assertEcho(result, "14-foo\\bar\\baz");
assertEcho(result, "15-foo\\bar\\baz");
assertEcho(result, "16-foo\\bar\\baz");
- assertEcho(result, "17-foo\\bar\\baz");
+ assertEcho(result, "17-foo\\'bar'\\"baz"");
assertEcho(result, "18-3");
assertEcho(result, "19-4");
assertEcho(result, "20-4");
Modified:
tomcat/tc8.0.x/trunk/test/org/apache/jasper/compiler/TestAttributeParser.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/test/org/apache/jasper/compiler/TestAttributeParser.java?rev=1704486&r1=1704485&r2=1704486&view=diff
==============================================================================
---
tomcat/tc8.0.x/trunk/test/org/apache/jasper/compiler/TestAttributeParser.java
(original)
+++
tomcat/tc8.0.x/trunk/test/org/apache/jasper/compiler/TestAttributeParser.java
Tue Sep 22 08:56:51 2015
@@ -127,19 +127,15 @@ public class TestAttributeParser {
// list and looking at the spec to find some edge cases
// '\' is only an escape character inside a StringLiteral
- assertEquals("\\", evalAttr("${'\\\\\\\\'}", '\"'));
- assertEquals("\\", evalAttr("${\"\\\\\\\\\"}", '\"'));
+ // Attribute escaping does not apply inside EL expressions
+ assertEquals("\\", evalAttr("${'\\\\'}", '\"'));
// Can use ''' inside '"' when quoting with '"' and vice versa without
// escaping
- assertEquals("\\\"", evalAttr("${'\\\\\\\\\\\"'}", '\"'));
- assertEquals("\"\\", evalAttr("${'\\\"\\\\\\\\'}", '\"'));
- assertEquals("\\'", evalAttr("${'\\\\\\\\\\\\''}", '\"'));
- assertEquals("'\\", evalAttr("${'\\\\'\\\\\\\\'}", '\"'));
- assertEquals("\\'", evalAttr("${\\\"\\\\\\\\'\\\"}", '\"'));
- assertEquals("'\\", evalAttr("${\\\"'\\\\\\\\\\\"}", '\"'));
- assertEquals("\\\"", evalAttr("${\\\"\\\\\\\\\\\\\\\"\\\"}", '\"'));
- assertEquals("\"\\", evalAttr("${\\\"\\\\\\\"\\\\\\\\\\\"}", '\"'));
+ assertEquals("\\\"", evalAttr("${'\\\\\"'}", '\"'));
+ assertEquals("\"\\", evalAttr("${'\\\"\\\\'}", '\"'));
+ assertEquals("\\'", evalAttr("${'\\\\\\''}", '\"'));
+ assertEquals("'\\", evalAttr("${'\\'\\\\'}", '\"'));
// Quoting <% and %>
assertEquals("hello <% world", evalAttr("hello <\\% world", '\"'));
@@ -156,9 +152,8 @@ public class TestAttributeParser {
// expression that follows from being evaluated.
//
assertEquals("foo\\bar\\baz",
evalAttr("${\'foo\'}\\\\${\'bar\'}\\\\${\'baz\'}", '\"'));
- assertEquals("foo\\bar\\baz",
evalAttr("${\'foo\'}\\\\${\\\"bar\\\"}\\\\${\'baz\'}", '\"'));
- assertEquals("foo\\bar\\baz",
evalAttr("${\\\"foo\\\"}\\\\${\'bar\'}\\\\${\\\"baz\\\"}", '\"'));
- assertEquals("foo\\bar\\baz",
evalAttr("${\"foo\"}\\\\${\\\'bar\\\'}\\\\${\"baz\"}", '\''));
+ assertEquals("foo\\bar\\baz",
evalAttr("${\'foo\'}\\\\${\"bar\"}\\\\${\'baz\'}", '\"'));
+ assertEquals("foo\\bar\\baz",
evalAttr("${\"foo\"}\\\\${\'bar\'}\\\\${\"baz\"}", '\"'));
}
@Test
Modified: tomcat/tc8.0.x/trunk/test/org/apache/jasper/compiler/TestELParser.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/test/org/apache/jasper/compiler/TestELParser.java?rev=1704486&r1=1704485&r2=1704486&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/test/org/apache/jasper/compiler/TestELParser.java
(original)
+++ tomcat/tc8.0.x/trunk/test/org/apache/jasper/compiler/TestELParser.java Tue
Sep 22 08:56:51 2015
@@ -238,13 +238,15 @@ public class TestELParser {
@Test
public void testEscape04() throws JasperException {
- doTestParser("\\$", "\\$");
+ // When parsed as EL in JSP the escaping of $ as \$ is optional
+ doTestParser("\\$", "\\$", "$");
}
@Test
public void testEscape05() throws JasperException {
- doTestParser("\\#", "\\#");
+ // When parsed as EL in JSP the escaping of # as \# is optional
+ doTestParser("\\#", "\\#", "#");
}
@@ -280,18 +282,23 @@ public class TestELParser {
private void doTestParser(String input, String expected) throws
JasperException {
+ doTestParser(input, expected, input);
+ }
+
+ private void doTestParser(String input, String expectedResult, String
expectedBuilderOutput) throws JasperException {
+
ELException elException = null;
String elResult = null;
// Don't try and evaluate expressions that depend on variables or
functions
- if (expected != null) {
+ if (expectedResult != null) {
try {
ELManager manager = new ELManager();
ELContext context = manager.getELContext();
ExpressionFactory factory = ELManager.getExpressionFactory();
ValueExpression ve = factory.createValueExpression(context,
input, String.class);
elResult = ve.getValue(context).toString();
- Assert.assertEquals(expected, elResult);
+ Assert.assertEquals(expectedResult, elResult);
} catch (ELException ele) {
elException = ele;
}
@@ -312,6 +319,6 @@ public class TestELParser {
nodes.visit(textBuilder);
- Assert.assertEquals(input, textBuilder.getText());
+ Assert.assertEquals(expectedBuilderOutput, textBuilder.getText());
}
}
Modified: tomcat/tc8.0.x/trunk/test/org/apache/jasper/compiler/TestParser.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/test/org/apache/jasper/compiler/TestParser.java?rev=1704486&r1=1704485&r2=1704486&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/test/org/apache/jasper/compiler/TestParser.java
(original)
+++ tomcat/tc8.0.x/trunk/test/org/apache/jasper/compiler/TestParser.java Tue
Sep 22 08:56:51 2015
@@ -285,9 +285,9 @@ public class TestParser extends TomcatBa
Assert.assertTrue(result, result.contains("<set
data-value=\"03b\\\\x\\?resize03b\"/>"));
Assert.assertTrue(result, result.contains("<04a\\?resize04a/>"));
Assert.assertTrue(result, result.contains("<04b\\\\x\\?resize04b/>"));
- Assert.assertTrue(result, result.contains("<set
data-value=\"05a\\$${&\"/>"));
- Assert.assertTrue(result, result.contains("<set
data-value=\"05b\\$${&2\"/>"));
- Assert.assertTrue(result, result.contains("<set
data-value=\"05c\\##{>hello<\"/>"));
+ Assert.assertTrue(result, result.contains("<set
data-value=\"05a$${&\"/>"));
+ Assert.assertTrue(result, result.contains("<set
data-value=\"05b$${&2\"/>"));
+ Assert.assertTrue(result, result.contains("<set
data-value=\"05c##{>hello<\"/>"));
Assert.assertTrue(result, result.contains("05x:<set
data-value=\"\"/>"));
Assert.assertTrue(result, result.contains("<set
xmlns:foo=\"urn:06a\\bar\\baz\"/>"));
Assert.assertTrue(result, result.contains("07a:<set
data-value=\"\\?resize\"/>"));
Modified: tomcat/tc8.0.x/trunk/test/webapp/bug45nnn/bug45427.jsp
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/test/webapp/bug45nnn/bug45427.jsp?rev=1704486&r1=1704485&r2=1704486&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/test/webapp/bug45nnn/bug45427.jsp (original)
+++ tomcat/tc8.0.x/trunk/test/webapp/bug45nnn/bug45427.jsp Tue Sep 22 08:56:51
2015
@@ -21,21 +21,19 @@
<p>00-${'hello world'}</p>
<p>01-${'hello \'world'}</p>
<p>02-${'hello "world'}</p>
- <p>03-${"hello world"}</p>
- <p>04-${"hello 'world"}</p>
- <p>05-${"hello \"world"}</p>
+ <p>03-${'hello \"world'}</p>
+ <p>04-${"hello world"}</p>
+ <p>05-${"hello 'world"}</p>
+ <p>06-${"hello \'world"}</p>
+ <p>07-${"hello \"world"}</p>
- <tags:echo echo="06-${'hello world'}" />
- <tags:echo echo="07-${'hello \\\'world'}" />
- <tags:echo echo="08-${'hello \"world'}" />
- <tags:echo echo="09-${\"hello world\"}" />
- <tags:echo echo="10-${\"hello 'world\"}" />
- <tags:echo echo="11-${\"hello \\\"world\"}" />
- <tags:echo echo='12-${\'hello world\'}' />
- <tags:echo echo='13-${\'hello \\\'world\'}' />
- <tags:echo echo='14-${\'hello "world\'}' />
- <tags:echo echo='15-${"hello world"}' />
- <tags:echo echo='16-${"hello \'world"}' />
- <tags:echo echo='17-${"hello \\\"world"}' />
+ <tags:echo echo="08-${'hello world'}" />
+ <tags:echo echo="09-${'hello \'world'}" />
+ <tags:echo echo="10-${'hello "world'}" />
+ <tags:echo echo="11-${'hello \"world'}" />
+ <tags:echo echo='12-${"hello world"}' />
+ <tags:echo echo='13-${"hello 'world"}' />
+ <tags:echo echo='14-${"hello \'world"}' />
+ <tags:echo echo='15-${"hello \"world"}' />
</body>
</html>
\ No newline at end of file
Modified: tomcat/tc8.0.x/trunk/test/webapp/bug45nnn/bug45451.jspf
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/test/webapp/bug45nnn/bug45451.jspf?rev=1704486&r1=1704485&r2=1704486&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/test/webapp/bug45nnn/bug45451.jspf (original)
+++ tomcat/tc8.0.x/trunk/test/webapp/bug45nnn/bug45451.jspf Tue Sep 22 08:56:51
2015
@@ -19,14 +19,20 @@
<p>02-\\${1+1}</p>
<p>03-\\\${1+1}</p>
<p>04-\$500</p>
+<p>05-${'\\$'}</p>
+<p>06-${'\\${'}</p>
<tags:echo echo="10-${1+1}" />
<tags:echo echo="11-\${1+1}" />
<tags:echo echo="12-\\${1+1}" />
<tags:echo echo="13-\\\${1+1}" />
<tags:echo echo="14-\\\\${1+1}" />
<tags:echo echo="15-\$500" />
+<tags:echo echo="16-${'\\$'}" />
+<tags:echo echo="17-${'\\${'}" />
<tags:echo-deferred echo="20-#{1+1}" />
<tags:echo-deferred echo="21-\#{1+1}" />
<tags:echo-deferred echo="22-\\#{1+1}" />
<tags:echo-deferred echo="23-\\\#{1+1}" />
-<tags:echo-deferred echo="24-\\\\#{1+1}" />
\ No newline at end of file
+<tags:echo-deferred echo="24-\\\\#{1+1}" />
+<tags:echo-deferred echo="25-#{'\\#'}" />
+<tags:echo-deferred echo="26-#{'\\#{'}" />
\ No newline at end of file
Modified: tomcat/tc8.0.x/trunk/test/webapp/bug45nnn/bug45451a.jsp
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/test/webapp/bug45nnn/bug45451a.jsp?rev=1704486&r1=1704485&r2=1704486&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/test/webapp/bug45nnn/bug45451a.jsp (original)
+++ tomcat/tc8.0.x/trunk/test/webapp/bug45nnn/bug45451a.jsp Tue Sep 22 08:56:51
2015
@@ -19,8 +19,6 @@
<head><title>Bug 45451 test case</title></head>
<body>
<tags:echo echo="00-\\\'${'hello world'}\\\'" />
- <tags:echo echo="01-\\\'${\"hello world\"}\\\'" />
- <tags:echo echo='02-\\\'${\'hello world\'}\\\'' />
- <tags:echo echo='03-\\\'${"hello world"}\\\'' />
+ <tags:echo echo='01-\\\'${"hello world"}\\\'' />
</body>
</html>
\ No newline at end of file
Modified: tomcat/tc8.0.x/trunk/test/webapp/el-method.jsp
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/test/webapp/el-method.jsp?rev=1704486&r1=1704485&r2=1704486&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/test/webapp/el-method.jsp (original)
+++ tomcat/tc8.0.x/trunk/test/webapp/el-method.jsp Tue Sep 22 08:56:51 2015
@@ -28,10 +28,10 @@
pageContext.setAttribute("testBeanA", beanA, PageContext.REQUEST_SCOPE);
pageContext.setAttribute("testBeanB", beanB, PageContext.REQUEST_SCOPE);
%>
- <tags:echo echo="00-${testBeanA[\"bean\"].sayHello('JUnit')}" />
+ <tags:echo echo="00-${testBeanA["bean"].sayHello('JUnit')}" />
<tags:echo echo="01-${testBeanA.bean.sayHello('JUnit')}" />
<tags:echo echo="02-${testBeanB.sayHello('JUnit')}" />
- <tags:echo-deferred echo="03-#{testBeanA[\"bean\"].sayHello('JUnit')}" />
+ <tags:echo-deferred echo="03-#{testBeanA["bean"].sayHello('JUnit')}" />
<tags:echo-deferred echo="04-#{testBeanA.bean.sayHello('JUnit')}" />
<tags:echo-deferred echo="05-#{testBeanB.sayHello('JUnit')}" />
</body>
Modified: tomcat/tc8.0.x/trunk/test/webapp/el-misc.jsp
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/test/webapp/el-misc.jsp?rev=1704486&r1=1704485&r2=1704486&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/test/webapp/el-misc.jsp (original)
+++ tomcat/tc8.0.x/trunk/test/webapp/el-misc.jsp Tue Sep 22 08:56:51 2015
@@ -25,17 +25,17 @@
<tags:echo echo="${'2'}az-04" />
<tags:echo echo="05-a${'2'}z" />
<tags:echo echo="06-az${'2'}" />
- <tags:echo echo="${\"2\"}az-07" />
- <tags:echo echo="08-a${\"2\"}z" />
- <tags:echo echo="09-az${\"2\"}" />
+ <tags:echo echo="${"2"}az-07" />
+ <tags:echo echo="08-a${"2"}z" />
+ <tags:echo echo="09-az${"2"}" />
<tags:echo echo="10-\${'foo'}${'bar'}" />
- <tags:echo echo="11-${\"\\\"}\"}" />
+ <tags:echo echo="11-${"\\"}\"}" />
<tags:echo echo="12-${'foo'}\\${'bar'}\\${'baz'}" />
- <tags:echo echo="13-${'foo'}\\${\"bar\"}\\${'baz'}" />
- <tags:echo echo="14-${\"foo\"}\\${'bar'}\\${\"baz\"}" />
- <tags:echo echo='15-${\'foo\'}\\${"bar"}\\${\'baz\'}' />
- <tags:echo echo='16-${"foo"}\\${\'bar\'}\\${"baz"}' />
- <tags:echo echo='17-${"foo"}\\${'bar'}\\${"baz"}' />
+ <tags:echo echo="13-${'foo'}\\${"bar"}\\${'baz'}" />
+ <tags:echo echo="14-${"foo"}\\${'bar'}\\${"baz"}" />
+ <tags:echo echo='15-${'foo'}\\${"bar"}\\${'baz'}' />
+ <tags:echo echo='16-${"foo"}\\${'bar'}\\${"baz"}' />
+ <tags:echo echo='17-${"foo"}\\${"'bar'"}\\${""baz""}'
/>
<tags:echo echo='18-${((x,y)->x+y)(1,2)}' />
<tags:echo echo='19-${{1,2,3,4}.stream().max().orElse(-1)}' />
<p>20-${{1,2,3,4}.stream().max().orElse(-1)}</p>
Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1704486&r1=1704485&r2=1704486&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Tue Sep 22 08:56:51 2015
@@ -206,6 +206,15 @@
<subsection name="Jasper">
<changelog>
<fix>
+ <bug>57136</bug>: Correct a regression in the previous fix for this
+ issue. <code>\${</code> should only an escape for <code>${</code>
within
+ an EL expression. Within a JSP page <code>\$</code> should be an escape
+ for <code>$</code>. The EL specification applies when parsing the
+ expression delimited by <code>${</code> and <code>}</code>. Parsing of
+ the delimiting <code>${</code> and <code>}</code> is the responsibility
+ of the JSP specification. (markt)
+ </fix>
+ <fix>
<bug>58296</bug>: Fix a memory leak in the JSP unloading feature that
meant that using a value other than <code>-1</code> for
<code>maxLoadedJsps</code> triggered a memory leak once the limit was
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
