tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <>
Subject Re: TC 5.5.27 upgrade JSP tag attribute quoting
Date Wed, 15 Oct 2008 13:35:16 GMT
David Wall wrote:
> While it makes sense, I was just checking to see if upgrading from
> Tomcat 5.5.26 to 5.5.27, not thinking such an upgrade would require JSP
> source code changes, will hold true going forward with subsequent Tomcat
> releases.
> We have a few places where JSP tag attribute values have Java code that
> itself contains double quotes, such as:
> <tt:mytag value="<%=("field"+i)%>"/>
> or
> <tt:mytag value="<%=bean.get("name")%>"/>
> In 5.5.26, this compiled okay, but in 5.5.27, it results in an error like:
> org.apache.jasper.JasperException: /app/mypage.jsp(43,21) Attribute
> value ("field"+i) is quoted with " which must be escaped when used
> within the value
>     org.apache.jasper.compiler.DefaultErrorHandler.jspError(
> It does make some sense, yet it worked fine for years.  Is this
> something that will be true going forward with Tomcat releases, or is
> this some sort of "bug" that was introduced in 5.5.27?  It is only
> interesting because even the error message shows it parses the attribute
> value correctly.

Versions prior to 5.5.27 did not enforce the quoting requirements of the
JSP spec. This was fixed in 5.5.27. You can disable this behaviour. See and look


To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message