[richfaces-issues] [JBoss JIRA] Resolved: (RF-1603) Quote in attribute value not handled correctly in ajax4jsf filter

Alexander Smirnov (JIRA) jira-events at lists.jboss.org
Mon Dec 17 15:20:43 EST 2007 

     [ http://jira.jboss.com/jira/browse/RF-1603?page=all ]

Alexander Smirnov resolved RF-1603.
-----------------------------------

    Fix Version/s: 3.1.3
       Resolution: Done

Added check for a "text/javascript" value to a lexer.

> Quote in attribute value not handled correctly in ajax4jsf filter
> -----------------------------------------------------------------
>
>                 Key: RF-1603
>                 URL: http://jira.jboss.com/jira/browse/RF-1603
>             Project: RichFaces
>          Issue Type: Bug
>    Affects Versions: 3.1.1
>            Reporter: Alan Ballard
>         Assigned To: Alexander Smirnov
>             Fix For: 3.1.3, 3.2.0
>
>
> I ran into a problem with ajax responses not being handled correctly.  The specific context was a <dndParam> where the value attribute specified a string with a single, unmatched, quote as part of the value, though I believe this could occur in other situations. 
> The response returned to the server is incorrectly generated with a cdata around an inappropriate portion of the response.  
> Debugging shows that dndparam and dragsupport have correctly generated javascript with a correctly escaped quote (backslash-quote).    
> The problem is in the version of tidy included with richfaces,  when it  postprocesses the response for the script in ajax4jsf.Filter.   This contains code (in lexer.java  method getCDATA) that does handled excaped quotes, but only for nodes it considers javascript.   And it only considers a node to be javascript if it specifies language="javascript" or type="javascript".      Not type="text/javascript", which is (correctly) generated by the richfaces components.  
> Should probably be checking for attribute value contains (case independently)  javascript.  

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the richfaces-issues mailing list