From dev-return-102522-apmail-tomcat-dev-archive=tomcat.apache.org@tomcat.apache.org Sun Jan 31 01:41:06 2010
Return-Path: <dev-return-102522-apmail-tomcat-dev-archive=tomcat.apache.org@tomcat.apache.org>
Delivered-To: apmail-tomcat-dev-archive@www.apache.org
Received: (qmail 69827 invoked from network); 31 Jan 2010 01:41:06 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 31 Jan 2010 01:41:06 -0000
Received: (qmail 45282 invoked by uid 500); 31 Jan 2010 01:41:05 -0000
Delivered-To: apmail-tomcat-dev-archive@tomcat.apache.org
Received: (qmail 45197 invoked by uid 500); 31 Jan 2010 01:41:05 -0000
Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@tomcat.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@tomcat.apache.org>
List-Post: <mailto:dev@tomcat.apache.org>
List-Id: <dev.tomcat.apache.org>
Reply-To: "Tomcat Developers List" <dev@tomcat.apache.org>
Delivered-To: mailing list dev@tomcat.apache.org
Received: (qmail 45186 invoked by uid 99); 31 Jan 2010 01:41:05 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 31 Jan 2010 01:41:05 +0000
X-ASF-Spam-Status: No, hits=-2000.0 required=10.0
	tests=ALL_TRUSTED
X-Spam-Check-By: apache.org
Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 31 Jan 2010 01:41:02 +0000
Received: by eris.apache.org (Postfix, from userid 65534)
	id 575FA23889DA; Sun, 31 Jan 2010 01:40:40 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r904949 - in /tomcat/trunk:
 java/org/apache/jasper/compiler/AttributeParser.java
 java/org/apache/jasper/compiler/Parser.java
 test/org/apache/jasper/compiler/TestAttributeParser.java
Date: Sun, 31 Jan 2010 01:40:40 -0000
To: dev@tomcat.apache.org
From: markt@apache.org
X-Mailer: svnmailer-1.0.8
Message-Id: <20100131014040.575FA23889DA@eris.apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org

Author: markt
Date: Sun Jan 31 01:40:39 2010
New Revision: 904949

URL: http://svn.apache.org/viewvc?rev=904949&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48627
Don't convert literal attribute values to EL since attributes may not accept EL

Modified:
    tomcat/trunk/java/org/apache/jasper/compiler/AttributeParser.java
    tomcat/trunk/java/org/apache/jasper/compiler/Parser.java
    tomcat/trunk/test/org/apache/jasper/compiler/TestAttributeParser.java

Modified: tomcat/trunk/java/org/apache/jasper/compiler/AttributeParser.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/compiler/AttributeParser.java?rev=904949&r1=904948&r2=904949&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/jasper/compiler/AttributeParser.java (original)
+++ tomcat/trunk/java/org/apache/jasper/compiler/AttributeParser.java Sun Jan 31 01:40:39 2010
@@ -43,13 +43,16 @@
      *                      scripting expressions.
      * @param isELIgnored   Is expression language being ignored on the page
      *                      where the JSP attribute is defined.
+     * @param isDeferredSyntaxAllowedAsLiteral
+     *                      Are deferred expressions treated as literals?
      * @return              An unquoted JSP attribute that, if it contains
      *                      expression language can be safely passed to the EL
      *                      processor without fear of ambiguity.
      */
     public static String getUnquoted(String input, char quote,
-            boolean isELIgnored) {
+            boolean isELIgnored, boolean isDeferredSyntaxAllowedAsLiteral) {
         return (new AttributeParser(input, quote, isELIgnored,
+                isDeferredSyntaxAllowedAsLiteral,
                 STRICT_QUOTE_ESCAPING)).getUnquoted();
     }
 
@@ -62,15 +65,18 @@
      *                      scripting expressions.
      * @param isELIgnored   Is expression language being ignored on the page
      *                      where the JSP attribute is defined.
+     * @param isDeferredSyntaxAllowedAsLiteral
+     *                      Are deferred expressions treated as literals?
      * @param strict        The value to use for STRICT_QUOTE_ESCAPING.
      * @return              An unquoted JSP attribute that, if it contains
      *                      expression language can be safely passed to the EL
      *                      processor without fear of ambiguity.
      */
     protected static String getUnquoted(String input, char quote,
-            boolean isELIgnored, boolean strict) {
+            boolean isELIgnored, boolean isDeferredSyntaxAllowedAsLiteral,
+            boolean strict) {
         return (new AttributeParser(input, quote, isELIgnored,
-                strict)).getUnquoted();
+                isDeferredSyntaxAllowedAsLiteral, strict)).getUnquoted();
     }
 
     /* The quoted input string. */
@@ -83,6 +89,9 @@
      * treated as literals rather than quoted values. */
     private final boolean isELIgnored;
     
+    /* Are deferred expression treated as literals */
+    private final boolean isDeferredSyntaxAllowedAsLiteral;
+    
     /* Overrides the STRICT_QUOTE_ESCAPING. Used for Unit tests only. */
     private final boolean strict;
     
@@ -109,12 +118,15 @@
      * @param strict
      */
     private AttributeParser(String input, char quote,
-            boolean isELIgnored, boolean strict) {
+            boolean isELIgnored, boolean isDeferredSyntaxAllowedAsLiteral,
+            boolean strict) {
         this.input = input;
         this.quote = quote;
         // If quote is null this is a scriptign expressions and any EL syntax
         // should be ignored
         this.isELIgnored = isELIgnored || (quote == 0);
+        this.isDeferredSyntaxAllowedAsLiteral =
+            isDeferredSyntaxAllowedAsLiteral;
         this.strict = strict;
         this.type = getType(input);
         this.size = input.length();
@@ -151,22 +163,27 @@
             char ch = nextChar();
             if (!isELIgnored && ch == '\\') {
                 if (type == 0) {
-                    type = '$';
+                    result.append("\\");
+                } else {
+                    result.append(type);
+                    result.append("{'\\\\'}");
                 }
-                result.append(type);
-                result.append("{'\\\\'}");
             } else if (!isELIgnored && ch == '$' && lastChEscaped){
                 if (type == 0) {
-                    type = '$';
+                    result.append("\\$");
+                } else {
+                    result.append(type);
+                    result.append("{'$'}");
                 }
-                result.append(type);
-                result.append("{'$'}");
             } else if (!isELIgnored && ch == '#' && lastChEscaped){
+                // Note if isDeferredSyntaxAllowedAsLiteral==true, \# will
+                // not be treated as an escape
                 if (type == 0) {
-                    type = '$';
+                    result.append("\\#");
+                } else {
+                    result.append(type);
+                    result.append("{'#'}");
                 }
-                result.append(type);
-                result.append("{'#'}");
             } else if (ch == type){
                 if (i < size) {
                     char next = input.charAt(i);
@@ -261,7 +278,10 @@
         } else if (ch == '\\' && i + 1 < size) {
             ch = input.charAt(i + 1);
             if (ch == '\\' || ch == '\"' || ch == '\'' ||
-                    (!isELIgnored && (ch == '$' || ch == '#'))) {
+                    (!isELIgnored &&
+                            (ch == '$' ||
+                                    (!isDeferredSyntaxAllowedAsLiteral &&
+                                            ch == '#')))) {
                 i += 2;
                 lastChEscaped = true;
             } else {
@@ -311,13 +331,13 @@
         int j = 0;
         int len = value.length();
         char current;
-        
+
         while (j < len) {
             current = value.charAt(j);
             if (current == '\\') {
                 // Escape character - skip a character
                 j++;
-            } else if (current == '#') {
+            } else if (current == '#' && !isDeferredSyntaxAllowedAsLiteral) {
                 if (j < (len -1) && value.charAt(j + 1) == '{') {
                     return '#';
                 }

Modified: tomcat/trunk/java/org/apache/jasper/compiler/Parser.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/compiler/Parser.java?rev=904949&r1=904948&r2=904949&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/jasper/compiler/Parser.java (original)
+++ tomcat/trunk/java/org/apache/jasper/compiler/Parser.java Sun Jan 31 01:40:39 2010
@@ -249,7 +249,8 @@
                 quote = watch.charAt(0);
             }
             ret = AttributeParser.getUnquoted(reader.getText(start, stop),
-                    quote, pageInfo.isELIgnored());
+                    quote, pageInfo.isELIgnored(),
+                    pageInfo.isDeferredSyntaxAllowedAsLiteral());
         } catch (IllegalArgumentException iae) {
             err.jspError(start, iae.getMessage());
         }

Modified: tomcat/trunk/test/org/apache/jasper/compiler/TestAttributeParser.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/jasper/compiler/TestAttributeParser.java?rev=904949&r1=904948&r2=904949&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/jasper/compiler/TestAttributeParser.java (original)
+++ tomcat/trunk/test/org/apache/jasper/compiler/TestAttributeParser.java Sun Jan 31 01:40:39 2010
@@ -150,13 +150,15 @@
         ctx.setFunctionMapper(new FMapper());
         ExpressionFactoryImpl exprFactory = new ExpressionFactoryImpl();
         ValueExpression ve = exprFactory.createValueExpression(ctx,
-                AttributeParser.getUnquoted(expression, quote, false, false),
+                AttributeParser.getUnquoted(expression, quote, false, false,
+                        false),
                 String.class);
         return (String) ve.getValue(ctx);
     }
     
     private String parseScriptExpression(String expression, char quote) {
-        return AttributeParser.getUnquoted(expression, quote, false, false);
+        return AttributeParser.getUnquoted(expression, quote, false, false,
+                false);
     }
 
     public static class FMapper extends FunctionMapper {



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org