[
http://jira.jboss.com/jira/browse/JBSEAM-3101?page=all ]
Norman Richards closed JBSEAM-3101.
-----------------------------------
Resolution: Done
There was raw HTML in the wiki text for one of the examples that contained a style tag. I
assume this is related to something Christian mentioned a few weeks back about possible
cross site scripting vulnerabilities in wiki text. I'm assuming that setting a style
is simply not allowed at all now and removed the style attribute, but if it is allowed in
some limited form then we could put back in something that wiki text will accept.
Blog example XML parsing error when launched in browser
-------------------------------------------------------
Key: JBSEAM-3101
URL:
http://jira.jboss.com/jira/browse/JBSEAM-3101
Project: Seam
Issue Type: Bug
Components: Examples
Affects Versions: 2.0.3.CR1
Environment: fedora 8
JDK 1.5
JBoss 4.2.2
Reporter: Jay Balunas
Assigned To: Norman Richards
Priority: Critical
Fix For: 2.0.3.CR1
Attachments: blog_index.xhtml
This is a critical because this may be a result of the facelets update. Could someone
take a quick look and check if this is caused by the facelets update? If that is not the
case it can just be a major and hold off for the GA.
---------------
Example builds and deploys fine. When accessed I get this error in the browser:
XML Parsing Error: not well-formed
Location:
http://localhost:8080/seam-blog/seam/index.xhtml
Line Number 83, Column 16: </div>
---------------^
In the log the relevant line is:
10:20:05,599 WARN [UIFormattedText] Seam Text parse error: invalid value of attribute
'style' for element 'table'
In the html source this is where the issue is:
</p>
<table style="
</div>
<p>
</p>
I will attach
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira