[JIRA] (HHH-16893) Hibernate incorrectly escaping like statements in
by Harry J.E Day (JIRA)
Harry J.E Day ( https://hibernate.atlassian.net/secure/ViewProfile.jspa?accountId=62f0573... ) *created* an issue
Hibernate ORM ( https://hibernate.atlassian.net/browse/HHH?atlOrigin=eyJpIjoiZjBlYWY5YzMw... ) / Bug ( https://hibernate.atlassian.net/browse/HHH-16893?atlOrigin=eyJpIjoiZjBlYW... ) HHH-16893 ( https://hibernate.atlassian.net/browse/HHH-16893?atlOrigin=eyJpIjoiZjBlYW... ) Hibernate incorrectly escaping like statements in ( https://hibernate.atlassian.net/browse/HHH-16893?atlOrigin=eyJpIjoiZjBlYW... )
Issue Type: Bug Affects Versions: 6.1.7, 6.2.0 Assignee: Unassigned Created: 05/Jul/2023 00:06 AM Environment: Postgress 14
JPA & Spring Boot 3.0.8 (with standard depedency management), also tested in Spring boot 3.1.x
OS: Occurs on Both Mac & Linux
JDK: 17
Kotlin: 1.8.22 Priority: Major Reporter: Harry J.E Day ( https://hibernate.atlassian.net/secure/ViewProfile.jspa?accountId=62f0573... )
Hi I appear to have encountered a regression in Hibernate 6.
I originally raised this as a stackoverflow at https://stackoverflow.com/questions/76616777/hibernate-6-upgrade-error-sy... but further research and feedback on the post it doesn’t appear to be a configuration or logic error in the project, nor does there seem to be a way to configure it.
It seems that Hibernate 6 is generating invalid syntax SQL (which it wasn't in hibernate 5) for postgress like queries.
Here's the exception:
org.hibernate.exception.SQLGrammarException: JDBC exception executing SQL [select b1_0.int_id,b1_0.country,b1_0.governing_district,b1_0.id,b1_0.legacy_id,b1_0.name,b1_0.postal_area from basic_suburbs b1_0 where b1_0.country=? and upper(b1_0.name) like upper(?) escape \ or b1_0.country=? and b1_0.postal_area like ? escape \ order by b1_0.name offset ? rows fetch first ? rows only] [ERROR: syntax error at or near "\"
Position: 196] [n/a]
at org.hibernate.exception.internal.SQLStateConversionDelegate.convert(SQLStateConversionDelegate.java:89)
at org.hibernate.exception.internal.StandardSQLExceptionConverter.convert(StandardSQLExceptionConverter.java:56)
at org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:108)
at org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:94)
at org.hibernate.sql.results.jdbc.internal.DeferredResultSetAccess.executeQuery(DeferredResultSetAccess.java:257)
at org.hibernate.sql.results.jdbc.internal.DeferredResultSetAccess.getResultSet(DeferredResultSetAccess.java:163)
at org.hibernate.sql.results.jdbc.internal.JdbcValuesResultSetImpl.advanceNext(JdbcValuesResultSetImpl.java:254)
at org.hibernate.sql.results.jdbc.internal.JdbcValuesResultSetImpl.processNext(JdbcValuesResultSetImpl.java:134)
at org.hibernate.sql.results.jdbc.internal.AbstractJdbcValues.next(AbstractJdbcValues.java:19)
at org.hibernate.sql.results.internal.RowProcessingStateStandardImpl.next(RowProcessingStateStandardImpl.java:66)
at org.hibernate.sql.results.spi.ListResultsConsumer.consume(ListResultsConsumer.java:198)
at org.hibernate.sql.results.spi.ListResultsConsumer.consume(ListResultsConsumer.java:33)
at org.hibernate.sql.exec.internal.JdbcSelectExecutorStandardImpl.doExecuteQuery(JdbcSelectExecutorStandardImpl.java:361)
at org.hibernate.sql.exec.internal.JdbcSelectExecutorStandardImpl.executeQuery(JdbcSelectExecutorStandardImpl.java:168)
at org.hibernate.sql.exec.internal.JdbcSelectExecutorStandardImpl.list(JdbcSelectExecutorStandardImpl.java:93)
at org.hibernate.sql.exec.spi.JdbcSelectExecutor.list(JdbcSelectExecutor.java:31)
at org.hibernate.query.sqm.internal.ConcreteSqmSelectQueryPlan.lambda$new$0(ConcreteSqmSelectQueryPlan.java:110)
at org.hibernate.query.sqm.internal.ConcreteSqmSelectQueryPlan.withCacheableSqmInterpretation(ConcreteSqmSelectQueryPlan.java:303)
at org.hibernate.query.sqm.internal.ConcreteSqmSelectQueryPlan.performList(ConcreteSqmSelectQueryPlan.java:244)
at org.hibernate.query.sqm.internal.QuerySqmImpl.doList(QuerySqmImpl.java:518)
at org.hibernate.query.spi.AbstractSelectionQuery.list(AbstractSelectionQuery.java:367)
at org.hibernate.query.Query.getResultList(Query.java:119)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:568)
at org.springframework.orm.jpa.SharedEntityManagerCreator$DeferredQueryInvocationHandler.invoke(SharedEntityManagerCreator.java:405)
at jdk.proxy2/jdk.proxy2.$Proxy326.getResultList(Unknown Source)
at org.springframework.data.jpa.repository.query.JpaQueryExecution$CollectionExecution.doExecute(JpaQueryExecution.java:129)
at org.springframework.data.jpa.repository.query.JpaQueryExecution.execute(JpaQueryExecution.java:92)
at org.springframework.data.jpa.repository.query.AbstractJpaQuery.doExecute(AbstractJpaQuery.java:148)
at org.springframework.data.jpa.repository.query.AbstractJpaQuery.execute(AbstractJpaQuery.java:136)
at org.springframework.data.repository.core.support.RepositoryMethodInvoker.doInvoke(RepositoryMethodInvoker.java:136)
at org.springframework.data.repository.core.support.RepositoryMethodInvoker.invoke(RepositoryMethodInvoker.java:120)
at org.springframework.data.repository.core.support.QueryExecutorMethodInterceptor.doInvoke(QueryExecutorMethodInterceptor.java:164)
at org.springframework.data.repository.core.support.QueryExecutorMethodInterceptor.invoke(QueryExecutorMethodInterceptor.java:143)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:184)
at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:123)
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:391)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:119)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:184)
at org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:137)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:184)
at org.springframework.data.jpa.repository.support.CrudMethodMetadataPostProcessor$CrudMethodMetadataPopulatingMethodInterceptor.invoke(CrudMethodMetadataPostProcessor.java:135)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:184)
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:97)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:184)
at org.springframework.data.repository.core.support.MethodInvocationValidator.invoke(MethodInvocationValidator.java:94)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:184)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:244)
at jdk.proxy2/jdk.proxy2.$Proxy260.findAllByCountryAndNameLikeIgnoreCaseOrCountryAndPostalAreaLikeOrderByName(Unknown Source)
at nct.core.suburbs.adapters.sql.BasicSuburbCrudRepository$DefaultImpls.findAllByCountryAndNameLikeIgnoreCaseOrCountryAndPostalAreaLikeOrderByName$default(BasicSuburbRepository.kt:61)
at nct.core.suburbs.adapters.sql.BasicSuburbRepository.queryFirst10ByCountryAndNameOrPostalArea(BasicSuburbRepository.kt:49)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:568)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:343)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:196)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:756)
at org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:137)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:184)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:756)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:708)
at nct.core.suburbs.adapters.sql.BasicSuburbRepository$$SpringCGLIB$$0.queryFirst10ByCountryAndNameOrPostalArea(<generated>)
at nct.core.suburbs.adapters.sql.BasicSuburbRepositoryTest.shouldGetUpTo10NameAndPostalAreaMatchingSuburbs(BasicSuburbRepositoryTest.kt:374)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:568)
at org.junit.platform.commons.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:727)
at org.junit.jupiter.engine.execution.MethodInvocation.proceed(MethodInvocation.java:60)
at org.junit.jupiter.engine.execution.InvocationInterceptorChain$ValidatingInvocation.proceed(InvocationInterceptorChain.java:131)
at org.junit.jupiter.engine.extension.TimeoutExtension.intercept(TimeoutExtension.java:156)
at org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestableMethod(TimeoutExtension.java:147)
at org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestMethod(TimeoutExtension.java:86)
at org.junit.jupiter.engine.execution.InterceptingExecutableInvoker$ReflectiveInterceptorCall.lambda$ofVoidMethod$0(InterceptingExecutableInvoker.java:103)
at org.junit.jupiter.engine.execution.InterceptingExecutableInvoker.lambda$invoke$0(InterceptingExecutableInvoker.java:93)
at org.junit.jupiter.engine.execution.InvocationInterceptorChain$InterceptedInvocation.proceed(InvocationInterceptorChain.java:106)
at org.junit.jupiter.engine.execution.InvocationInterceptorChain.proceed(InvocationInterceptorChain.java:64)
at org.junit.jupiter.engine.execution.InvocationInterceptorChain.chainAndInvoke(InvocationInterceptorChain.java:45)
at org.junit.jupiter.engine.execution.InvocationInterceptorChain.invoke(InvocationInterceptorChain.java:37)
at org.junit.jupiter.engine.execution.InterceptingExecutableInvoker.invoke(InterceptingExecutableInvoker.java:92)
at org.junit.jupiter.engine.execution.InterceptingExecutableInvoker.invoke(InterceptingExecutableInvoker.java:86)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.lambda$invokeTestMethod$7(TestMethodTestDescriptor.java:217)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.invokeTestMethod(TestMethodTestDescriptor.java:213)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:138)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:68)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$6(NodeTestTask.java:151)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:141)
at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:137)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$9(NodeTestTask.java:139)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:138)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:95)
at java.base/java.util.ArrayList.forEach(ArrayList.java:1511)
at org.junit.platform.engine.support.hierarchical.SameThreadHierarchicalTestExecutorService.invokeAll(SameThreadHierarchicalTestExecutorService.java:41)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$6(NodeTestTask.java:155)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:141)
at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:137)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$9(NodeTestTask.java:139)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:138)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:95)
at java.base/java.util.ArrayList.forEach(ArrayList.java:1511)
at org.junit.platform.engine.support.hierarchical.SameThreadHierarchicalTestExecutorService.invokeAll(SameThreadHierarchicalTestExecutorService.java:41)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$6(NodeTestTask.java:155)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:141)
at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:137)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$9(NodeTestTask.java:139)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:138)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:95)
at org.junit.platform.engine.support.hierarchical.SameThreadHierarchicalTestExecutorService.submit(SameThreadHierarchicalTestExecutorService.java:35)
at org.junit.platform.engine.support.hierarchical.HierarchicalTestExecutor.execute(HierarchicalTestExecutor.java:57)
at org.junit.platform.engine.support.hierarchical.HierarchicalTestEngine.execute(HierarchicalTestEngine.java:54)
at org.junit.platform.launcher.core.EngineExecutionOrchestrator.execute(EngineExecutionOrchestrator.java:147)
at org.junit.platform.launcher.core.EngineExecutionOrchestrator.execute(EngineExecutionOrchestrator.java:127)
at org.junit.platform.launcher.core.EngineExecutionOrchestrator.execute(EngineExecutionOrchestrator.java:90)
at org.junit.platform.launcher.core.EngineExecutionOrchestrator.lambda$execute$0(EngineExecutionOrchestrator.java:55)
at org.junit.platform.launcher.core.EngineExecutionOrchestrator.withInterceptedStreams(EngineExecutionOrchestrator.java:102)
at org.junit.platform.launcher.core.EngineExecutionOrchestrator.execute(EngineExecutionOrchestrator.java:54)
at org.junit.platform.launcher.core.DefaultLauncher.execute(DefaultLauncher.java:114)
at org.junit.platform.launcher.core.DefaultLauncher.execute(DefaultLauncher.java:86)
at org.junit.platform.launcher.core.DefaultLauncherSession$DelegatingLauncher.execute(DefaultLauncherSession.java:86)
at org.junit.platform.launcher.core.SessionPerRequestLauncher.execute(SessionPerRequestLauncher.java:53)
at com.intellij.junit5.JUnit5IdeaTestRunner.startRunnerWithArgs(JUnit5IdeaTestRunner.java:57)
at com.intellij.rt.junit.IdeaTestRunner$Repeater$1.execute(IdeaTestRunner.java:38)
at com.intellij.rt.execution.junit.TestsRepeater.repeat(TestsRepeater.java:11)
at com.intellij.rt.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:35)
at com.intellij.rt.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:232)
at com.intellij.rt.junit.JUnitStarter.main(JUnitStarter.java:55)
Caused by: org.postgresql.util.PSQLException: ERROR: syntax error at or near "\"
Position: 196
at org.postgresql.core.v3.QueryExecutorImpl.receiveErrorResponse(QueryExecutorImpl.java:2713)
at org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:2401)
at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:368)
at org.postgresql.jdbc.PgStatement.executeInternal(PgStatement.java:498)
at org.postgresql.jdbc.PgStatement.execute(PgStatement.java:415)
at org.postgresql.jdbc.PgPreparedStatement.executeWithFlags(PgPreparedStatement.java:190)
at org.postgresql.jdbc.PgPreparedStatement.executeQuery(PgPreparedStatement.java:134)
at com.zaxxer.hikari.pool.ProxyPreparedStatement.executeQuery(ProxyPreparedStatement.java:52)
at com.zaxxer.hikari.pool.HikariProxyPreparedStatement.executeQuery(HikariProxyPreparedStatement.java)
at org.hibernate.sql.results.jdbc.internal.DeferredResultSetAccess.executeQuery(DeferredResultSetAccess.java:239)
... 132 more
The Repository Code:
internal interface BasicSuburbCrudRepository : CrudRepository<BasicSuburbEntity, Int>, JpaSpecificationExecutor<BasicSuburbEntity> {
fun findAllByCountryAndNameLikeIgnoreCaseOrCountryAndPostalAreaLikeOrderByName(
country: String, nameQuery: String,
countryForPostalAreaQuery: String = country, postalAreaQuery: String,
pageable: Pageable,
): List<BasicSuburbEntity>
}
Entity class - note same error occurs with and without @JdbcTypeCode(SqlTypes.LONGVARCHAR) annotation.
@Entity
@Table(name = "basic_suburbs")
data class BasicSuburbEntity(
@Id
@Column(name = "int_id")
@GeneratedValue(strategy = GenerationType.IDENTITY)
val intId: Int? = null,
@JdbcTypeCode(SqlTypes.LONGVARCHAR)
@Column(name = "legacy_id")
val legacyId: String,
@JdbcTypeCode(SqlTypes.LONGVARCHAR)
@Column(name = "name")
val name: String,
@JdbcTypeCode(SqlTypes.LONGVARCHAR)
@Column(name = "country")
val country: String,
@JdbcTypeCode(SqlTypes.LONGVARCHAR)
@Column(name = "governing_district")
val governingDistrict: String,
@JdbcTypeCode(SqlTypes.LONGVARCHAR)
@Column(name = "postal_area")
val postalArea: String,
@Column(name = "id")
val id: UUID?,
)
From what I understand Spring Boot should auto-configure dialect and database type so it should be generating correctly. However even when manually setting the PostgreSQLDialect dialect it still fails. This query works in Hibernate 5/Spring Boot 2.7.
From manually running the query it should be escaping the slash in {{escape \ }}but can't see how to configure this.
Other queries such as findAll with a Specification work correctly.
Thanks for your help.
( https://hibernate.atlassian.net/browse/HHH-16893#add-comment?atlOrigin=ey... ) Add Comment ( https://hibernate.atlassian.net/browse/HHH-16893#add-comment?atlOrigin=ey... )
Get Jira notifications on your phone! Download the Jira Cloud app for Android ( https://play.google.com/store/apps/details?id=com.atlassian.android.jira.... ) or iOS ( https://itunes.apple.com/app/apple-store/id1006972087?pt=696495&ct=EmailN... ) This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100229- sha1:634ba05 )
2 years, 9 months
[JIRA] (HHH-16892) LocalXmlResourceResolver does not resolve dtd URLs that use https scheme
by Thirunavukarasu Thulasi (JIRA)
Thirunavukarasu Thulasi ( https://hibernate.atlassian.net/secure/ViewProfile.jspa?accountId=712020%... ) *updated* an issue
Hibernate ORM ( https://hibernate.atlassian.net/browse/HHH?atlOrigin=eyJpIjoiMTU3Y2MyZDJl... ) / Bug ( https://hibernate.atlassian.net/browse/HHH-16892?atlOrigin=eyJpIjoiMTU3Y2... ) HHH-16892 ( https://hibernate.atlassian.net/browse/HHH-16892?atlOrigin=eyJpIjoiMTU3Y2... ) LocalXmlResourceResolver does not resolve dtd URLs that use https scheme ( https://hibernate.atlassian.net/browse/HHH-16892?atlOrigin=eyJpIjoiMTU3Y2... )
Change By: Thirunavukarasu Thulasi ( https://hibernate.atlassian.net/secure/ViewProfile.jspa?accountId=712020%... )
*Background*
As per the following recommendation, we had updated all our hibernate mapping files to refer dtd files with using * https * scheme
[The markup declarations contained or pointed to by the document type declaration must be well-formed - Hibernate ORM - Hibernate|https://discourse.hibernate.org/t/the-markup-declarations-conta...]
i,e we had updated our hibernate mapping files to use the recommended existing dtd urls
updated existing urls from
[http://www.hibernate.org/dtd/hibernate-mapping-3.0.dtd|http://www.hiberna...]
to
[{color:#006644}*https*{color}|https://hibernate.org/dtd/hibernate-mapping-3.0.dtd%22][://hibernate.org/dtd/hibernate-mapping-3.0.dtd|https://hibernate.org/dtd/hibernate-mapping-3.0.dtd%22]
Also, we had upgraded hibernate version to version 5.6.6 (which has a fix for HHH-15094)
*Problem*
Hibernate does not resolve dtd files locally when using *https* scheme,
But, it resolves the dtd files locally when using *http* scheme
*Analysis*
Following is a snippet of code from LocalXmlResourceResolver,
!image-20230705-030300.png|width=544,height=336!
When *HTTP* scheme is used, Hibernate uses *startsWith* to compare with the identifierBase,
But, when *HTTPS* scheme is used, Hibernate uses *matches* to compare with the identiferBase (which fails due to the presence of version at the end of systemId)
For example,
Consider a hibernate mapping file with the following DOCTYPE (changed as per above recommendation)
<!DOCTYPE hibernate-mapping PUBLIC
"-//Hibernate/Hibernate Mapping DTD//EN"
"[https://hibernate.org/dtd/hibernate-mapping-3.0.dtd"|https://hibernate.org/dtd/hibernate-mapping-3.0.dtd%22]>
In the LocalXmlResourceResolver, The condition which checks whether to return local resource, fails and returns false when https scheme is used
i,e
if ( systemId.startsWith( httpBase )
|| systemId.matches( httpsBase ) ) {
return true;
}
checks as follows
"[https://hibernate.org/dtd/hibernate-mapping-3.0.dtd"|https://hibernate.org/dtd/hibernate-mapping-3.0.dtd%22].matches({{"hibernate.org/dtd/hibernate-mapping"}})
which returns {color:#bf2600}*false* {color}
*Proposed solution*
* Change systemId.{color:#bf2600}*matches*{color}() to either systemId.*startsWith()* or systemId.*contains()*
*Test*
In the attached unit test, we can see find that the test case that tries to resolve dtd file using HTTPS scheme fails, whereas the the test case that tries to resolve dtd file using HTTP scheme succeeds
( https://hibernate.atlassian.net/browse/HHH-16892#add-comment?atlOrigin=ey... ) Add Comment ( https://hibernate.atlassian.net/browse/HHH-16892#add-comment?atlOrigin=ey... )
Get Jira notifications on your phone! Download the Jira Cloud app for Android ( https://play.google.com/store/apps/details?id=com.atlassian.android.jira.... ) or iOS ( https://itunes.apple.com/app/apple-store/id1006972087?pt=696495&ct=EmailN... ) This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100229- sha1:634ba05 )
2 years, 9 months
[JIRA] (HHH-16892) LocalXmlResourceResolver does not resolve dtd URLs that use https scheme
by Thirunavukarasu Thulasi (JIRA)
Thirunavukarasu Thulasi ( https://hibernate.atlassian.net/secure/ViewProfile.jspa?accountId=712020%... ) *updated* an issue
Hibernate ORM ( https://hibernate.atlassian.net/browse/HHH?atlOrigin=eyJpIjoiMTc5ZGM3NWYx... ) / Bug ( https://hibernate.atlassian.net/browse/HHH-16892?atlOrigin=eyJpIjoiMTc5ZG... ) HHH-16892 ( https://hibernate.atlassian.net/browse/HHH-16892?atlOrigin=eyJpIjoiMTc5ZG... ) LocalXmlResourceResolver does not resolve dtd URLs that use https scheme ( https://hibernate.atlassian.net/browse/HHH-16892?atlOrigin=eyJpIjoiMTc5ZG... )
Change By: Thirunavukarasu Thulasi ( https://hibernate.atlassian.net/secure/ViewProfile.jspa?accountId=712020%... )
*Background*
As per the following recommendation, we had updated all our hibernate mapping files to refer dtd files with https scheme
[The markup declarations contained or pointed to by the document type declaration must be well-formed - Hibernate ORM - Hibernate|https://discourse.hibernate.org/t/the-markup-declarations-conta...]
i,e we had updated our hibernate mapping files to use the recommended dtd urls
updated existing urls from
[http://www.hibernate.org/dtd/hibernate-mapping-3.0.dtd|http://www.hiberna...]
to
[{color:#006644}*https*{color}|https://hibernate.org/dtd/hibernate-mapping-3.0.dtd%22][://hibernate.org/dtd/hibernate-mapping-3.0.dtd|https://hibernate.org/dtd/hibernate-mapping-3.0.dtd%22]
Also, we had upgraded hibernate version to version 5.6.6 (which has a fix HHH-15094)
*Problem*
Hibernate does not resolve dtd files locally when using *https* scheme,
But, it resolves the dtd files locally when using *http* scheme
*Analysis*
Following is a snippet of code from LocalXmlResourceResolver,
!image-20230705-030300.png|width=544,height=336!
When *HTTP* scheme is used, Hibernate uses *startsWith* to compare with the identifierBase,
But, when *HTTPS* scheme is used, Hibernate uses *matches* to compare with the identiferBase
For example,
Consider a hibernate mapping file with the following DOCTYPE (changed as per above recommendation)
<!DOCTYPE hibernate-mapping PUBLIC
"-//Hibernate/Hibernate Mapping DTD//EN"
"[https://hibernate.org/dtd/hibernate-mapping-3.0.dtd"|https://hibernate.org/dtd/hibernate-mapping-3.0.dtd%22]>
In the LocalXmlResourceResolver, The condition which checks whether to return local resource, fails and returns false when https scheme is used
i,e
if ( systemId.startsWith( httpBase )
|| systemId.matches( httpsBase ) ) {
return true;
}
checks as follows
"[https://hibernate.org/dtd/hibernate-mapping-3.0.dtd"|https://hibernate.org/dtd/hibernate-mapping-3.0.dtd%22].matches({{"hibernate.org/dtd/hibernate-mapping"}})
which returns {color:#bf2600}*false* {color}
*Proposed solution*
* Change systemId.{color:#bf2600}*matches*{color}() to either systemId.*startsWith()* or systemId.*contains()*
*Test*
In the attached unit test, we can see that the test case that tries to resolve dtd file using HTTPS scheme fails, whereas the the test case that tries to resolve dtd file using HTTP scheme succeeds
( https://hibernate.atlassian.net/browse/HHH-16892#add-comment?atlOrigin=ey... ) Add Comment ( https://hibernate.atlassian.net/browse/HHH-16892#add-comment?atlOrigin=ey... )
Get Jira notifications on your phone! Download the Jira Cloud app for Android ( https://play.google.com/store/apps/details?id=com.atlassian.android.jira.... ) or iOS ( https://itunes.apple.com/app/apple-store/id1006972087?pt=696495&ct=EmailN... ) This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100229- sha1:634ba05 )
2 years, 9 months