[jbossseam-issues] [JBoss JIRA] Closed: (JBSEAM-3101) Blog example XML parsing error when launched in browser

Norman Richards (JIRA) jira-events at lists.jboss.org
Thu Jun 12 14:57:33 EDT 2008 

     [ http://jira.jboss.com/jira/browse/JBSEAM-3101?page=all ]

Norman Richards closed JBSEAM-3101.
-----------------------------------

    Resolution: Done

There was raw HTML in the wiki text for one of the examples that contained a style tag.  I assume this is related to something Christian mentioned a few weeks back about possible cross site scripting vulnerabilities in wiki text.  I'm assuming that setting a style is simply not allowed at all now and removed the style attribute, but if it is allowed in some limited form then we could put back in something that wiki text will accept.

> Blog example XML parsing error when launched in browser
> -------------------------------------------------------
>
>                 Key: JBSEAM-3101
>                 URL: http://jira.jboss.com/jira/browse/JBSEAM-3101
>             Project: Seam
>          Issue Type: Bug
>          Components: Examples
>    Affects Versions: 2.0.3.CR1
>         Environment: fedora 8
> JDK 1.5
> JBoss 4.2.2
>            Reporter: Jay Balunas
>         Assigned To: Norman Richards
>            Priority: Critical
>             Fix For: 2.0.3.CR1
>
>         Attachments: blog_index.xhtml
>
>
> This is a critical because this may be a result of the facelets update.  Could someone take a quick look and check if this is caused by the facelets update?  If that is not the case it can just be a major and hold off for the GA.
> ---------------
> Example builds and deploys fine.  When accessed I get this error in the browser:
> XML Parsing Error: not well-formed
> Location: http://localhost:8080/seam-blog/seam/index.xhtml
> Line Number 83, Column 16:               </div>
> ---------------^
> In the log the relevant line is:
> 10:20:05,599 WARN  [UIFormattedText] Seam Text parse error: invalid value of attribute 'style' for element 'table'
> In the html source this is where the issue is:
> </p>
> <table style="
>                </div>
>                <p>
>                </p>
> I will attach 
>  

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the seam-issues mailing list