You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@struts.apache.org by bu...@apache.org on 2003/10/16 14:09:11 UTC
DO NOT REPLY [Bug 23864] New: -
html radio tag, value attribute, special characters < > "
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23864>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23864
html radio tag, value attribute, special characters < > "
Summary: html radio tag, value attribute, special characters < >
"
Product: Struts
Version: 1.1 Beta 1
Platform: All
OS/Version: All
Status: NEW
Severity: Normal
Priority: Other
Component: Custom Tags
AssignedTo: struts-dev@jakarta.apache.org
ReportedBy: hchen14@ford.com
CC: hchen14@ford.com
We noticed that a string value containing html sensitive characters, such as <
> & " etc., is not filtered / escaped for html:radio tag (the value of the
radio input). This cause the resulting html page to break, as in the following
browser view -
[radio box here] " checked="checked"> Blue
User should see this -
[radio box here] Blue
After looking at the taglib source code, we know that HiddenTag, OptionsTag,
TextareaTag, TextTag, etc, do escape the special characters, using
ResponseUtils.filter method.
However, RadioTag, CheckboxTag do not.
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-dev-help@jakarta.apache.org