tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 10310] New: - Error handling: balanced <% checking easily fooled
Date Fri, 28 Jun 2002 04:48:10 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10310>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10310

Error handling: balanced <% checking easily fooled

           Summary: Error handling: balanced <% checking easily fooled
           Product: Tomcat 4
           Version: 4.1.3
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Minor
          Priority: Other
         Component: Jasper 2
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: jeff@socialchange.net.au


Hi,

Consider this invalid JSP page:

<%
String userName=request.getParameter("name");
<br>
hello there, <%= name %>


There, I forgot to close the <%. But instead of reporting as much, Jasper 2
returns:

org.apache.jasper.JasperException: Unable to compile class for JSP

An error occurred at line: -1 in the jsp file: null

Generated servlet error:


        at
org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:120)
        at
org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:293)
        at org.apache.jasper.compiler.Compiler.compile(Compiler.java:248)
        at org.apache.jasper.JspEngineContext.compile(JspEngineContext.java:356)
        at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:157)
        at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:289)
        at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:240)


The %> in '<%= name %>' bypasses Jasper's checking for well-balanced <%'s. Of
course, I encountered this in a much more complex page ;)


thanks,

--Jeff

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message