Author: markt
Date: Tue Nov 5 22:56:44 2013
New Revision: 1539177
URL: http://svn.apache.org/r1539177
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55735
This fixes a regression caused by the fix to
https://issues.apache.org/bugzilla/show_bug.cgi?id=55198
When processing JSP documents, attributes in UninterpretedTag nodes that
contain EL should have the the non-EL components XML escaped and the output of
the EL components should not be escaped.
Added:
tomcat/tc7.0.x/trunk/test/org/apache/jasper/compiler/TesterValidator.java
- copied unchanged from r1539173,
tomcat/trunk/test/org/apache/jasper/compiler/TesterValidator.java
Removed:
tomcat/tc7.0.x/trunk/test/org/apache/jasper/runtime/TesterPageContextImpl.java
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat/tc7.0.x/trunk/java/org/apache/jasper/compiler/Validator.java
tomcat/tc7.0.x/trunk/java/org/apache/jasper/runtime/PageContextImpl.java
tomcat/tc7.0.x/trunk/test/org/apache/jasper/compiler/TestParser.java
tomcat/tc7.0.x/trunk/test/webapp-3.0/WEB-INF/tags/bug55198.tagx
tomcat/tc7.0.x/trunk/test/webapp-3.0/bug5nnnn/bug55198.jsp
Propchange: tomcat/tc7.0.x/trunk/
------------------------------------------------------------------------------
Merged /tomcat/trunk:r1539173
Modified: tomcat/tc7.0.x/trunk/java/org/apache/jasper/compiler/Validator.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/jasper/compiler/Validator.java?rev=1539177&r1=1539176&r2=1539177&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/java/org/apache/jasper/compiler/Validator.java
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/jasper/compiler/Validator.java Tue Nov
5 22:56:44 2013
@@ -38,6 +38,7 @@ import javax.servlet.jsp.tagext.TagLibra
import javax.servlet.jsp.tagext.ValidationMessage;
import org.apache.jasper.JasperException;
+import org.apache.jasper.compiler.ELNode.Text;
import org.apache.jasper.el.ELContextImpl;
import org.xml.sax.Attributes;
@@ -1377,8 +1378,16 @@ class Validator {
validateFunctions(el, n);
- result = new Node.JspAttribute(tai, qName, uri,
- localName, value, false, el, dynamic);
+ if (n.getRoot().isXmlSyntax()) {
+ // The non-EL elements need to be XML escaped
+ XmlEscapeNonELVisitor v = new
XmlEscapeNonELVisitor();
+ el.visit(v);
+ result = new Node.JspAttribute(tai, qName, uri,
+ localName, v.getText(), false, el,
dynamic);
+ } else {
+ result = new Node.JspAttribute(tai, qName, uri,
+ localName, value, false, el, dynamic);
+ }
ELContextImpl ctx = new ELContextImpl();
ctx.setFunctionMapper(getFunctionMapper(el));
@@ -1413,6 +1422,16 @@ class Validator {
return result;
}
+
+ private static class XmlEscapeNonELVisitor extends
ELParser.TextBuilder {
+
+ @Override
+ public void visit(Text n) throws JasperException {
+ output.append(xmlEscape(n.getText()));
+ }
+ }
+
+
/*
* Return an empty StringBuilder [not thread-safe]
*/
@@ -1858,4 +1877,67 @@ class Validator {
errDisp.jspError(errMsg.toString());
}
}
+
+ protected static String xmlEscape(String s) {
+ if (s == null) {
+ return null;
+ }
+ int len = s.length();
+
+ /*
+ * Look for any "bad" characters, Escape "bad" character was found
+ */
+ // ASCII " 34 & 38 ' 39 < 60 > 62
+ for (int i = 0; i < len; i++) {
+ char c = s.charAt(i);
+ if (c >= '\"' && c <= '>' &&
+ (c == '<' || c == '>' || c == '\'' || c == '&' || c ==
'"')) {
+ // need to escape them and then quote the whole string
+ StringBuilder sb = new StringBuilder((int) (len * 1.2));
+ sb.append(s, 0, i);
+ int pos = i + 1;
+ for (int j = i; j < len; j++) {
+ c = s.charAt(j);
+ if (c >= '\"' && c <= '>') {
+ if (c == '<') {
+ if (j > pos) {
+ sb.append(s, pos, j);
+ }
+ sb.append("<");
+ pos = j + 1;
+ } else if (c == '>') {
+ if (j > pos) {
+ sb.append(s, pos, j);
+ }
+ sb.append(">");
+ pos = j + 1;
+ } else if (c == '\'') {
+ if (j > pos) {
+ sb.append(s, pos, j);
+ }
+ sb.append("'"); // '
+ pos = j + 1;
+ } else if (c == '&') {
+ if (j > pos) {
+ sb.append(s, pos, j);
+ }
+ sb.append("&");
+ pos = j + 1;
+ } else if (c == '"') {
+ if (j > pos) {
+ sb.append(s, pos, j);
+ }
+ sb.append("""); // "
+ pos = j + 1;
+ }
+ }
+ }
+ if (pos < len) {
+ sb.append(s, pos, len);
+ }
+ return sb.toString();
+ }
+ }
+ return s;
+ }
}
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/jasper/runtime/PageContextImpl.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/jasper/runtime/PageContextImpl.java?rev=1539177&r1=1539176&r2=1539177&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/java/org/apache/jasper/runtime/PageContextImpl.java
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/jasper/runtime/PageContextImpl.java
Tue Nov 5 22:56:44 2013
@@ -913,69 +913,6 @@ public class PageContextImpl extends Pag
}
}
- protected static String XmlEscape(String s) {
- if (s == null) {
- return null;
- }
- int len = s.length();
-
- /*
- * Look for any "bad" characters, Escape "bad" character was found
- */
- // ASCII " 34 & 38 ' 39 < 60 > 62
- for (int i = 0; i < len; i++) {
- char c = s.charAt(i);
- if (c >= '\"' && c <= '>' &&
- (c == '<' || c == '>' || c == '\'' || c == '&' || c ==
'"')) {
- // need to escape them and then quote the whole string
- StringBuilder sb = new StringBuilder((int) (len * 1.2));
- sb.append(s, 0, i);
- int pos = i + 1;
- for (int j = i; j < len; j++) {
- c = s.charAt(j);
- if (c >= '\"' && c <= '>') {
- if (c == '<') {
- if (j > pos) {
- sb.append(s, pos, j);
- }
- sb.append("<");
- pos = j + 1;
- } else if (c == '>') {
- if (j > pos) {
- sb.append(s, pos, j);
- }
- sb.append(">");
- pos = j + 1;
- } else if (c == '\'') {
- if (j > pos) {
- sb.append(s, pos, j);
- }
- sb.append("'"); // '
- pos = j + 1;
- } else if (c == '&') {
- if (j > pos) {
- sb.append(s, pos, j);
- }
- sb.append("&");
- pos = j + 1;
- } else if (c == '"') {
- if (j > pos) {
- sb.append(s, pos, j);
- }
- sb.append("""); // "
- pos = j + 1;
- }
- }
- }
- if (pos < len) {
- sb.append(s, pos, len);
- }
- return sb.toString();
- }
- }
- return s;
- }
-
/**
* Proprietary method to evaluate EL expressions. XXX - This method should
* go away once the EL interpreter moves out of JSTL and into its own
@@ -1025,9 +962,6 @@ public class PageContextImpl extends Pag
ValueExpression ve = exprFactory.createValueExpression(ctx,
expression, expectedType);
retValue = ve.getValue(ctx);
}
- if (escape && retValue != null) {
- retValue = XmlEscape(retValue.toString());
- }
return retValue;
}
Modified: tomcat/tc7.0.x/trunk/test/org/apache/jasper/compiler/TestParser.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/test/org/apache/jasper/compiler/TestParser.java?rev=1539177&r1=1539176&r2=1539177&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/test/org/apache/jasper/compiler/TestParser.java
(original)
+++ tomcat/tc7.0.x/trunk/test/org/apache/jasper/compiler/TestParser.java Tue
Nov 5 22:56:44 2013
@@ -328,10 +328,16 @@ public class TestParser extends TomcatBa
String result = res.toString();
- Assert.assertTrue(result.contains(""bar"") ||
- result.contains(""bar""));
- Assert.assertTrue(result.contains(""foo"") ||
- result.contains(""foo""));
+ Assert.assertTrue(result.contains(""1foo1"") ||
+ result.contains(""1foo1""));
+ Assert.assertTrue(result.contains(""2bar2"") ||
+ result.contains(""2bar2""));
+ Assert.assertTrue(result.contains(""3a&b3"") ||
+ result.contains(""3a&b3""));
+ Assert.assertTrue(result.contains(""4&4"") ||
+ result.contains(""4&4""));
+ Assert.assertTrue(result.contains(""5'5"") ||
+ result.contains(""5'5""));
}
/** Assertion for text printed by tags:echo */
Modified: tomcat/tc7.0.x/trunk/test/webapp-3.0/WEB-INF/tags/bug55198.tagx
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/test/webapp-3.0/WEB-INF/tags/bug55198.tagx?rev=1539177&r1=1539176&r2=1539177&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/test/webapp-3.0/WEB-INF/tags/bug55198.tagx (original)
+++ tomcat/tc7.0.x/trunk/test/webapp-3.0/WEB-INF/tags/bug55198.tagx Tue Nov 5
22:56:44 2013
@@ -17,7 +17,10 @@
-->
<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page"; version="2.0">
<jsp:directive.tag body-content="scriptless" />
-<a href="#" onclick="window.alert("${'foo'}")">foo</a>
-<a href="#" onclick="window.alert("bar")">bar</a>
+<a href="#" onclick="window.alert("1${'foo'}1")">foo</a>
+<a href="#" onclick="window.alert("2bar2")">bar</a>
+<a href="#" onclick="window.alert("3${text}3")">foo</a>
+<a href="#" onclick="window.alert("4${'&'}4")">foo</a>
+<a href="#" onclick="window.alert("5${'&apos;'}5")">foo</a>
<jsp:doBody />
</jsp:root>
Modified: tomcat/tc7.0.x/trunk/test/webapp-3.0/bug5nnnn/bug55198.jsp
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/test/webapp-3.0/bug5nnnn/bug55198.jsp?rev=1539177&r1=1539176&r2=1539177&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/test/webapp-3.0/bug5nnnn/bug55198.jsp (original)
+++ tomcat/tc7.0.x/trunk/test/webapp-3.0/bug5nnnn/bug55198.jsp Tue Nov 5
22:56:44 2013
@@ -15,6 +15,9 @@
limitations under the License.
--%>
<%@ taglib prefix="tags" tagdir="/WEB-INF/tags" %>
+<%
+request.setAttribute("text", "a&b");
+%>
<html>
<head><title>Bug 55198 test case</title></head>
<body>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
