tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 43617] New: - attribute values within a .tag(x) file are not properly escaped
Date Sat, 13 Oct 2007 01:29:41 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=43617>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=43617

           Summary: attribute values within a .tag(x) file are not properly
                    escaped
           Product: Tomcat 6
           Version: 6.0.14
          Platform: Other
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Jasper
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: lgalfaso@gmail.com


Attribute values within a .tag(x) file are not properly escaped when they are
converted into .java files.
E.g
Create a .tagx file with this content

<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page"
          xmlns="http://www.w3.org/1999/xhtml"
          version="2.1">
  <div test='"'>Hello world</div>
</jsp:root>

Call this tag from a .jsp page.

Will attach a patch within some minutes

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message