You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@struts.apache.org by "Bruce Phillips (JIRA)" <ji...@apache.org> on 2013/12/29 15:28:56 UTC
[jira] [Comment Edited] (WW-4259) Parameter is NULL when Submitting
form with parameters using URL contains querystring consisted of some
fields
[ https://issues.apache.org/jira/browse/WW-4259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13858352#comment-13858352 ]
Bruce Phillips edited comment on WW-4259 at 12/29/13 2:28 PM:
--------------------------------------------------------------
I cannot reproduce the problem you report in Struts 2.3.16.
When I use s:form action="hello.action?field1=%{field1}&field2=%{field2}"
The result in the jsp is just action="hello.action"
I believe due to recent security fixes the query string is stripped off.
If you are encountering this problem in Struts 2.3.16 please upload a complete Maven example project that I can use to duplicate the problem you are reporting.
was (Author: bphillips):
I cannot reproduce the problem you report in Struts 2.3.16.
When I use s:form action="hello.action?field1=%{field1}&field2=%{field2}"
The result in the asp is just action="hello.action"
I believe due to recent security fixes the query string is stripped off.
If you are encountering this problem in Struts 2.3.16 please upload a complete Maven example project that I can use to duplicate the problem you are reporting.
> Parameter is NULL when Submitting form with parameters using URL contains querystring consisted of some fields
> --------------------------------------------------------------------------------------------------------------
>
> Key: WW-4259
> URL: https://issues.apache.org/jira/browse/WW-4259
> Project: Struts 2
> Issue Type: Bug
> Environment: Struts: 2.3.16
> JRE: 7.0
> Tomcat: 7.0
> Reporter: Yorozuya Kazuyuki
> Assignee: Bruce Phillips
> Priority: Minor
> Fix For: 2.3.17
>
> Attachments: ServletUrlRenderer.java.patch
>
>
> h3. Phenomenon
> 1. Submitting form with parameters using URL contains querystring consisted of some fields.
> {noformat}
> <s:form id="testForm" action="Test.action?field1=%{field1}&field2=%{field2}">
> {noformat}
> Field1, field2 are member of Test class.
> Each setter is implemented in this class.
> \\
> 2. When form tag in struts is interpreted as in HTML, "action" atrribute is this.
> {noformat}
> action="Test.action?field1=value1&amp;field2=value2"
> {noformat}
> Due to duplication of "amp;", it causes field2 member to fail to recieve value.
> therefore, field2 member equals NULL always.
>
> \\
> Desired result 2. is this.
> {noformat}
> action="Test.action?field1=value1&field2=value2"
> {noformat}
> \\
> h3. Cause
> Character entity reference about "&" is executed twice.
> Executed points are as follow.
> --------------------------------------------------------------------------------
> ・/core/src/main/java/org/apache/struts2/views/util/DefaultUrlHelper.java
> {noformat}
> String buildUrl(
> String action, HttpServletRequest request, HttpServletResponse response,
> Map<String, Object> params, String scheme, boolean includeContext,
> boolean encodeResult, boolean forceAddSchemeHostAndPort, boolean escapeAmp
> )
> {noformat}
> ・/core/src/main/resources/template/simple/form-common.ftl
> {noformat}
> <#if parameters.action??>
> action="${parameters.action?html}"<#rt/>
> </#if>
> {noformat}
> --------------------------------------------------------------------------------
> h3. Solution
> "escapeAmp" in method "DefaultUrlHelper.buildUrl" is set false.
> My patch file is attached.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)