geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rex Wang (JIRA)" <j...@apache.org>
Subject [jira] Updated: (GERONIMO-5384) Geronimo console doesn't seem to handle % in sql statements right.
Date Tue, 22 Jun 2010 02:34:54 GMT

     [ https://issues.apache.org/jira/browse/GERONIMO-5384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Rex Wang updated GERONIMO-5384:
-------------------------------

    Fix Version/s: 2.1.7
                       (was: 2.1.6)

> Geronimo console doesn't seem to handle % in sql statements right.
> ------------------------------------------------------------------
>
>                 Key: GERONIMO-5384
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-5384
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>    Affects Versions: 2.1.5, 2.2.1
>            Reporter: Knut-HÃ¥vard Aksnes
>            Assignee: Rex Wang
>             Fix For: 2.1.7, 2.2.1, 3.0
>
>   Original Estimate: 0h
>  Remaining Estimate: 0h
>
> This bug is seen in Geronimo console under Run Sql on the Database Pools form.
> Try to run  this query, the problem seems to be independent of datasource:
> select * from foo where name like '%a%'
> The result is:
> type Exception report
> message
> description The server encountered an internal error () that prevented it from fulfilling
this request.
> exception
> java.lang.IllegalArgumentException: URLDecoder: Illegal hex characters in escape (%)
pattern - For input string: "a%"
> 	java.net.URLDecoder.decode(URLDecoder.java:173)
> 	org.apache.geronimo.console.filter.XSSHandler.isInvalidParam(XSSHandler.java:135)
> 	org.apache.geronimo.console.filter.XSSHandler.isInvalidParameters(XSSHandler.java:80)
> 	org.apache.geronimo.console.filter.XSSXSRFFilter.doFilter(XSSXSRFFilter.java:105)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message