You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2002/05/23 19:08:51 UTC

DO NOT REPLY [Bug 9361] New: - jsp:param calls URLEncoder.encode() without null check

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9361>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9361

jsp:param calls URLEncoder.encode() without null check

           Summary: jsp:param calls URLEncoder.encode() without null check
           Product: Tomcat 4
           Version: 4.1.2
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Major
          Priority: Other
         Component: Servlet & JSP API
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: jessh@ptc.com


JSP pages previously had been able to use jsp:param ala:
  <jsp:param name="foo" value="<%=bar%>"/>
without regard for whether the variable 'bar' is non-null.

Due to the use of URLEncoder.encode() on the value attribute in the generated 
code, such JSP pages now error out with NullPointerExceptions.  This may or may 
not be more correct, but is certainly harmful to existing pages!

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>