ICEfaces
  1. ICEfaces
  2. ICE-5551

ICEfaces 2.0 DOM output attribute escaping

          Details

          • Type: Bug Bug
          • Status: Closed
          • Priority: Major Major
          • Resolution: Fixed
          • Affects Version/s: 2.0-Alpha2
          • Fix Version/s: 2.0-Alpha3, 2.0.0
          • Component/s: Framework
          • Labels:
            None
          • Environment:
            ICEfaces

            Description

            DOMUtils.printNode is used for DOM output and makes use of escapeAnsi for XML/HTML attribute values. This produces valid output, but is overly zealous and escapes characters that do not need to be escaped for double quoted "" attribute values. In particular, the single quote character is legal, but was being escaped as '.

              Issue Links

              depends on

              Bug - A problem which impairs or prevents the functions of the product. ICE-3182 DOMResponseWriter.writeText() escaping

              • Major - Major loss of function.
              • Closed

                Activity

                Ascending order - Click to sort in descending order
                Repository Revision Date User Message
                ICEsoft Public SVN Repository #21090 Fri Mar 26 09:45:40 MDT 2010 ted.goddard escapeAttribute implementation (ICE-5551)
                Files Changed
                Commit graph MODIFY /icefaces/scratchpads/glimmer/core/src/main/java/org/icefaces/util/DOMUtils.java
                Ted Goddard created issue -
                Hide
                Permalink
                Ted Goddard added a comment -

                The escapeAttribute() implementation assumes that the attribute value is surrounded by double quotes ("). This implementation escapes only the require values as defined by the XML specification. This must be tested with unicode characters in existing browsers. (For instance, the ascii DEL character is valid XML, but may not be accepted by some browsers. Additionally, unicode values are now being written directly in an assumed UTF-8 encoding, so this may cause incompatibility.

                Show
                Ted Goddard added a comment - The escapeAttribute() implementation assumes that the attribute value is surrounded by double quotes ("). This implementation escapes only the require values as defined by the XML specification. This must be tested with unicode characters in existing browsers. (For instance, the ascii DEL character is valid XML, but may not be accepted by some browsers. Additionally, unicode values are now being written directly in an assumed UTF-8 encoding, so this may cause incompatibility.
                Hide
                Permalink
                Ted Goddard added a comment -

                Judy, please test against the mojarra tests and then assign to Ken to confirm whether we have unicode and internationalization tests that are suitable.

                Show
                Ted Goddard added a comment - Judy, please test against the mojarra tests and then assign to Ken to confirm whether we have unicode and internationalization tests that are suitable.
                Ted Goddard made changes -
                Field Original Value New Value
                Assignee Judy Guglielmin [ judy.guglielmin ]
                Ted Goddard made changes -
                Salesforce Case []
                Fix Version/s 2.0-Alpha3 [ 10032 ]
                Ken Fyten made changes -
                Link This issue depends on ICE-3182 [ ICE-3182 ]
                Hide
                Permalink
                Ken Fyten added a comment -

                ICE-3182 to resolve this, needs to be verified once it is fixed.

                Show
                Ken Fyten added a comment - ICE-3182 to resolve this, needs to be verified once it is fixed.
                Ken Fyten made changes -
                Assignee Judy Guglielmin [ judy.guglielmin ] Greg Dick [ greg.dick ]
                Repository Revision Date User Message
                ICEsoft Public SVN Repository #21430 Mon May 17 11:35:01 MDT 2010 greg.dick ICE-5551 Added attribute escaping test section
                Files Changed
                Commit graph MODIFY /icefaces/scratchpads/glimmer/samples/test/ICE-3182/src/main/webapp/icefaces.xhtml
                Repository Revision Date User Message
                ICEsoft Public SVN Repository #21431 Mon May 17 11:44:54 MDT 2010 greg.dick ICE-5551 Added attribute escaping test section. Partitioned into IE & FF sections
                Files Changed
                Commit graph MODIFY /icefaces/scratchpads/glimmer/test/HtmlUnitTest/src/org/icefaces/htmlunit/ICE_3182Test.java
                Hide
                Permalink
                Greg Dick added a comment -

                The single quote is being handled correctly. There's an HTMLUnit test section in the ICE-3182 test case.

                Show
                Greg Dick added a comment - The single quote is being handled correctly. There's an HTMLUnit test section in the ICE-3182 test case.
                Greg Dick made changes -
                Status Open [ 1 ] Resolved [ 5 ]
                Resolution Fixed [ 1 ]
                Ken Fyten made changes -
                Fix Version/s 2.0.0 [ 10230 ]
                Ken Fyten made changes -
                Status Resolved [ 5 ] Closed [ 6 ]

                  People

                  • Assignee:
                    Greg Dick
                    Reporter:
                    Ted Goddard
                  • Votes:
                    0 Vote for this issue
                    Watchers:
                    0 Start watching this issue

                    Dates

                    • Created:
                      Updated:
                      Resolved: