You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Knut-Håvard Aksnes (JIRA)" <ji...@apache.org> on 2010/06/20 18:04:22 UTC
[jira] Created: (GERONIMO-5384) Geronimo console doesn't seem to
handle % in sql statements right.
Geronimo console doesn't seem to handle % in sql statements right.
------------------------------------------------------------------
Key: GERONIMO-5384
URL: https://issues.apache.org/jira/browse/GERONIMO-5384
Project: Geronimo
Issue Type: Bug
Security Level: public (Regular issues)
Affects Versions: 2.1.5, 2.2.1
Reporter: Knut-Håvard Aksnes
This bug is seen in Geronimo console under Run Sql on the Database Pools form.
Try to run this query, the problem seems to be independent of datasource:
select * from foo where name like '%a%'
The result is:
type Exception report
message
description The server encountered an internal error () that prevented it from fulfilling this request.
exception
java.lang.IllegalArgumentException: URLDecoder: Illegal hex characters in escape (%) pattern - For input string: "a%"
java.net.URLDecoder.decode(URLDecoder.java:173)
org.apache.geronimo.console.filter.XSSHandler.isInvalidParam(XSSHandler.java:135)
org.apache.geronimo.console.filter.XSSHandler.isInvalidParameters(XSSHandler.java:80)
org.apache.geronimo.console.filter.XSSXSRFFilter.doFilter(XSSXSRFFilter.java:105)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (GERONIMO-5384) Geronimo console doesn't seem to
handle % in sql statements right.
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-5384?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12880771#action_12880771 ]
Rex Wang commented on GERONIMO-5384:
------------------------------------
commit fix in rev956522 of branch 2.1
will fix in 2.2 and trunk soon.
-Rex
> Geronimo console doesn't seem to handle % in sql statements right.
> ------------------------------------------------------------------
>
> Key: GERONIMO-5384
> URL: https://issues.apache.org/jira/browse/GERONIMO-5384
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.5, 2.2.1
> Reporter: Knut-Håvard Aksnes
> Assignee: Rex Wang
> Original Estimate: 0h
> Remaining Estimate: 0h
>
> This bug is seen in Geronimo console under Run Sql on the Database Pools form.
> Try to run this query, the problem seems to be independent of datasource:
> select * from foo where name like '%a%'
> The result is:
> type Exception report
> message
> description The server encountered an internal error () that prevented it from fulfilling this request.
> exception
> java.lang.IllegalArgumentException: URLDecoder: Illegal hex characters in escape (%) pattern - For input string: "a%"
> java.net.URLDecoder.decode(URLDecoder.java:173)
> org.apache.geronimo.console.filter.XSSHandler.isInvalidParam(XSSHandler.java:135)
> org.apache.geronimo.console.filter.XSSHandler.isInvalidParameters(XSSHandler.java:80)
> org.apache.geronimo.console.filter.XSSXSRFFilter.doFilter(XSSXSRFFilter.java:105)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-5384) Geronimo console doesn't seem to
handle % in sql statements right.
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-5384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang updated GERONIMO-5384:
-------------------------------
Fix Version/s: 2.1.7
(was: 2.1.6)
> Geronimo console doesn't seem to handle % in sql statements right.
> ------------------------------------------------------------------
>
> Key: GERONIMO-5384
> URL: https://issues.apache.org/jira/browse/GERONIMO-5384
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.5, 2.2.1
> Reporter: Knut-Håvard Aksnes
> Assignee: Rex Wang
> Fix For: 2.1.7, 2.2.1, 3.0
>
> Original Estimate: 0h
> Remaining Estimate: 0h
>
> This bug is seen in Geronimo console under Run Sql on the Database Pools form.
> Try to run this query, the problem seems to be independent of datasource:
> select * from foo where name like '%a%'
> The result is:
> type Exception report
> message
> description The server encountered an internal error () that prevented it from fulfilling this request.
> exception
> java.lang.IllegalArgumentException: URLDecoder: Illegal hex characters in escape (%) pattern - For input string: "a%"
> java.net.URLDecoder.decode(URLDecoder.java:173)
> org.apache.geronimo.console.filter.XSSHandler.isInvalidParam(XSSHandler.java:135)
> org.apache.geronimo.console.filter.XSSHandler.isInvalidParameters(XSSHandler.java:80)
> org.apache.geronimo.console.filter.XSSXSRFFilter.doFilter(XSSXSRFFilter.java:105)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (GERONIMO-5384) Geronimo console doesn't seem to
handle % in sql statements right.
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-5384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang reassigned GERONIMO-5384:
----------------------------------
Assignee: Rex Wang
> Geronimo console doesn't seem to handle % in sql statements right.
> ------------------------------------------------------------------
>
> Key: GERONIMO-5384
> URL: https://issues.apache.org/jira/browse/GERONIMO-5384
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.5, 2.2.1
> Reporter: Knut-Håvard Aksnes
> Assignee: Rex Wang
> Original Estimate: 0h
> Remaining Estimate: 0h
>
> This bug is seen in Geronimo console under Run Sql on the Database Pools form.
> Try to run this query, the problem seems to be independent of datasource:
> select * from foo where name like '%a%'
> The result is:
> type Exception report
> message
> description The server encountered an internal error () that prevented it from fulfilling this request.
> exception
> java.lang.IllegalArgumentException: URLDecoder: Illegal hex characters in escape (%) pattern - For input string: "a%"
> java.net.URLDecoder.decode(URLDecoder.java:173)
> org.apache.geronimo.console.filter.XSSHandler.isInvalidParam(XSSHandler.java:135)
> org.apache.geronimo.console.filter.XSSHandler.isInvalidParameters(XSSHandler.java:80)
> org.apache.geronimo.console.filter.XSSXSRFFilter.doFilter(XSSXSRFFilter.java:105)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (GERONIMO-5384) Geronimo console doesn't seem to
handle % in sql statements right.
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-5384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang closed GERONIMO-5384.
------------------------------
closing it
> Geronimo console doesn't seem to handle % in sql statements right.
> ------------------------------------------------------------------
>
> Key: GERONIMO-5384
> URL: https://issues.apache.org/jira/browse/GERONIMO-5384
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.5, 2.2.1
> Reporter: Knut-Håvard Aksnes
> Assignee: Rex Wang
> Fix For: 2.1.7, 2.2.1, 3.0
>
> Original Estimate: 0h
> Remaining Estimate: 0h
>
> This bug is seen in Geronimo console under Run Sql on the Database Pools form.
> Try to run this query, the problem seems to be independent of datasource:
> select * from foo where name like '%a%'
> The result is:
> type Exception report
> message
> description The server encountered an internal error () that prevented it from fulfilling this request.
> exception
> java.lang.IllegalArgumentException: URLDecoder: Illegal hex characters in escape (%) pattern - For input string: "a%"
> java.net.URLDecoder.decode(URLDecoder.java:173)
> org.apache.geronimo.console.filter.XSSHandler.isInvalidParam(XSSHandler.java:135)
> org.apache.geronimo.console.filter.XSSHandler.isInvalidParameters(XSSHandler.java:80)
> org.apache.geronimo.console.filter.XSSXSRFFilter.doFilter(XSSXSRFFilter.java:105)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-5384) Geronimo console doesn't seem to
handle % in sql statements right.
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-5384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang updated GERONIMO-5384:
-------------------------------
Fix Version/s: 2.1.6
2.2.1
3.0
> Geronimo console doesn't seem to handle % in sql statements right.
> ------------------------------------------------------------------
>
> Key: GERONIMO-5384
> URL: https://issues.apache.org/jira/browse/GERONIMO-5384
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.5, 2.2.1
> Reporter: Knut-Håvard Aksnes
> Assignee: Rex Wang
> Fix For: 2.1.6, 2.2.1, 3.0
>
> Original Estimate: 0h
> Remaining Estimate: 0h
>
> This bug is seen in Geronimo console under Run Sql on the Database Pools form.
> Try to run this query, the problem seems to be independent of datasource:
> select * from foo where name like '%a%'
> The result is:
> type Exception report
> message
> description The server encountered an internal error () that prevented it from fulfilling this request.
> exception
> java.lang.IllegalArgumentException: URLDecoder: Illegal hex characters in escape (%) pattern - For input string: "a%"
> java.net.URLDecoder.decode(URLDecoder.java:173)
> org.apache.geronimo.console.filter.XSSHandler.isInvalidParam(XSSHandler.java:135)
> org.apache.geronimo.console.filter.XSSHandler.isInvalidParameters(XSSHandler.java:80)
> org.apache.geronimo.console.filter.XSSXSRFFilter.doFilter(XSSXSRFFilter.java:105)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (GERONIMO-5384) Geronimo console doesn't seem to
handle % in sql statements right.
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-5384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang resolved GERONIMO-5384.
--------------------------------
Resolution: Fixed
fix in
rev956760 for branch 2.2
rev956761 for trunk
> Geronimo console doesn't seem to handle % in sql statements right.
> ------------------------------------------------------------------
>
> Key: GERONIMO-5384
> URL: https://issues.apache.org/jira/browse/GERONIMO-5384
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.5, 2.2.1
> Reporter: Knut-Håvard Aksnes
> Assignee: Rex Wang
> Fix For: 2.1.6, 2.2.1, 3.0
>
> Original Estimate: 0h
> Remaining Estimate: 0h
>
> This bug is seen in Geronimo console under Run Sql on the Database Pools form.
> Try to run this query, the problem seems to be independent of datasource:
> select * from foo where name like '%a%'
> The result is:
> type Exception report
> message
> description The server encountered an internal error () that prevented it from fulfilling this request.
> exception
> java.lang.IllegalArgumentException: URLDecoder: Illegal hex characters in escape (%) pattern - For input string: "a%"
> java.net.URLDecoder.decode(URLDecoder.java:173)
> org.apache.geronimo.console.filter.XSSHandler.isInvalidParam(XSSHandler.java:135)
> org.apache.geronimo.console.filter.XSSHandler.isInvalidParameters(XSSHandler.java:80)
> org.apache.geronimo.console.filter.XSSXSRFFilter.doFilter(XSSXSRFFilter.java:105)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.