https://issues.apache.org/bugzilla/show_bug.cgi?id=45427
ilango <[EMAIL PROTECTED]> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
--- Comment #1 from ilango <[EMAIL PROTECTED]> 2008-08-09 14:28:17 PST ---
(In reply to comment #0)
Can I test this under Tomcat under Ubuntu Fiesty Fawn?
thanks
ilango
> Created an attachment (id=22277)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=22277) [details]
> Simple WAR containing test JSPs for the working and broken expressions.
>
> According to my reading of Sun's EL spec for JSP 2.1, any of the following
> expressions should be legal -
> ${'This string contains unmatched escaped \' single and " double quotes,
> inside single quotes'}
> ${"This string contains unmatched ' single and escaped \" double quotes,
> inside double quotes"}
> ${"This string contains an ' unescaped single quote, inside double
> quotes"}
> ${'This string contains an " unescaped, unmatched double quote, inside
> single quotes'}
>
> - but in Tomcat, none of the above expressions compiles, at least not when
> alone. (In some files, the unmatched quote may be matched inside a later EL
> expression. In that case, the JSP will compile, but both expressions, together
> with everything in between them, will be merged into one string literal! This
> is especially insidious.)
>
> org.apache.jasper.JasperException: /broken1.jsp(2,2) Unterminated ${ tag
> org.apache.jasper.compiler.DefaultErrorHandler.jspError(DefaultErrorHandler.java:40)
> org.apache.jasper.compiler.ErrorDispatcher.dispatch(ErrorDispatcher.java:407)
> org.apache.jasper.compiler.ErrorDispatcher.jspError(ErrorDispatcher.java:132)
> org.apache.jasper.compiler.Parser.parseELExpression(Parser.java:763)
> org.apache.jasper.compiler.Parser.parseElements(Parser.java:1451)
> org.apache.jasper.compiler.Parser.parse(Parser.java:133)
> org.apache.jasper.compiler.ParserController.doParse(ParserController.java:216)
> org.apache.jasper.compiler.ParserController.parse(ParserController.java:103)
> org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:153)
> org.apache.jasper.compiler.Compiler.compile(Compiler.java:314)
> org.apache.jasper.compiler.Compiler.compile(Compiler.java:294)
> org.apache.jasper.compiler.Compiler.compile(Compiler.java:281)
> org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:566)
> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:317)
> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:337)
> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>
>
> The EL parser implementation seems to think that nested quotes are only
> escaped
> if they are the same (single/double) as the surrounding quotes, but nested
> quotes don't have to be closed/matched. The JSP implementation, on the other
> hand, seems to think that quotes do have to be matched, unless they are
> escaped. For some strings (above), no combination of escaping will make both
> parsers happy. I'm not sure whether this is a bug in the JSP implementation,
> or
> perhaps a deficiency in the JSP/EL specs.
>
> I have collected the above expressions which break the parser
> (broken[1234].jsp), along with some illegal expressions and some working
> expressions (working.jsp) in a small WAR file which is attached to this
> report.
> I don't believe that the files broken[1234].jsp should be causing exceptions.
>
> Note: for some reason, single quoted strings are not allowed(!) to contain
> escaped double quotes, and vice versa, so these expressions are illegal, and
> thus it's okay that they don't compile (illegal[12].jsp):
> ${"This string contains an \' escaped single quote, inside double quotes"}
> ${'This string contains an \" escaped double quote, inside single quotes'}
> (Note that the text of the EL spec implies that these should be legal, but the
> EL grammar says otherwise. Not a good sign...)
>
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
