You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by kk...@apache.org on 2015/11/25 11:42:10 UTC
svn commit: r1716347 - in /tomcat/trunk: conf/ java/org/apache/jasper/
java/org/apache/jasper/compiler/ test/org/apache/el/ test/webapp/
test/webapp/bug45nnn/ webapps/docs/
Author: kkolinko
Date: Wed Nov 25 10:42:10 2015
New Revision: 1716347
URL: http://svn.apache.org/viewvc?rev=1716347&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57136#c25
Change default value of quoteAttributeEL setting in Jasper to be true
for better compatibility with other implementations and older versions of Tomcat.
Add command line option -no-quoteAttributeEL in JspC.
Fix tests. For reference: r1702244
Modified:
tomcat/trunk/conf/web.xml
tomcat/trunk/java/org/apache/jasper/EmbeddedServletOptions.java
tomcat/trunk/java/org/apache/jasper/JspC.java
tomcat/trunk/java/org/apache/jasper/compiler/AttributeParser.java
tomcat/trunk/test/org/apache/el/TestELInJsp.java
tomcat/trunk/test/webapp/bug45nnn/bug45427.jsp
tomcat/trunk/test/webapp/bug45nnn/bug45451.jspf
tomcat/trunk/test/webapp/bug45nnn/bug45451a.jsp
tomcat/trunk/test/webapp/el-method.jsp
tomcat/trunk/webapps/docs/changelog.xml
tomcat/trunk/webapps/docs/jasper-howto.xml
Modified: tomcat/trunk/conf/web.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/conf/web.xml?rev=1716347&r1=1716346&r2=1716347&view=diff
==============================================================================
--- tomcat/trunk/conf/web.xml (original)
+++ tomcat/trunk/conf/web.xml Wed Nov 25 10:42:10 2015
@@ -239,10 +239,11 @@
<!-- for the escaping of quote characters be -->
<!-- strictly applied? [true] -->
<!-- -->
- <!-- quoteAttributeEL When EL is used in JSP attribute values should -->
- <!-- the rules for quoting of attributes described -->
- <!-- in JSP.1.6 be applied to the expression? -->
- <!-- [false] -->
+ <!-- quoteAttributeEL When EL is used in an attribute value on a -->
+ <!-- JSP page should the rules for quoting of -->
+ <!-- attributes described in JSP.1.6 be applied to -->
+ <!-- the expression? -->
+ <!-- [true] -->
<servlet>
<servlet-name>jsp</servlet-name>
Modified: tomcat/trunk/java/org/apache/jasper/EmbeddedServletOptions.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/EmbeddedServletOptions.java?rev=1716347&r1=1716346&r2=1716347&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/jasper/EmbeddedServletOptions.java (original)
+++ tomcat/trunk/java/org/apache/jasper/EmbeddedServletOptions.java Wed Nov 25 10:42:10 2015
@@ -205,7 +205,11 @@ public final class EmbeddedServletOption
*/
private boolean strictQuoteEscaping = true;
- private boolean quoteAttributeEL = false;
+ /**
+ * When EL is used in JSP attribute values, should the rules for quoting of
+ * attributes described in JSP.1.6 be applied to the expression?
+ */
+ private boolean quoteAttributeEL = true;
public String getProperty(String name ) {
return settings.getProperty( name );
Modified: tomcat/trunk/java/org/apache/jasper/JspC.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/JspC.java?rev=1716347&r1=1716346&r2=1716347&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/jasper/JspC.java (original)
+++ tomcat/trunk/java/org/apache/jasper/JspC.java Wed Nov 25 10:42:10 2015
@@ -138,6 +138,7 @@ public class JspC extends Task implement
protected static final String SWITCH_NO_BLOCK_EXTERNAL = "-no-blockExternal";
protected static final String SWITCH_NO_STRICT_QUOTE_ESCAPING = "-no-strictQuoteEscaping";
protected static final String SWITCH_QUOTE_ATTRIBUTE_EL = "-quoteAttributeEL";
+ protected static final String SWITCH_NO_QUOTE_ATTRIBUTE_EL = "-no-quoteAttributeEL";
protected static final String SHOW_SUCCESS ="-s";
protected static final String LIST_ERRORS = "-l";
protected static final int INC_WEBXML = 10;
@@ -172,7 +173,7 @@ public class JspC extends Task implement
protected boolean validateXml;
protected boolean blockExternal = true;
protected boolean strictQuoteEscaping = true;
- protected boolean quoteAttributeEL = false;
+ protected boolean quoteAttributeEL = true;
protected boolean xpoweredBy;
protected boolean mappedFile = false;
protected boolean poolingEnabled = true;
@@ -391,6 +392,8 @@ public class JspC extends Task implement
setStrictQuoteEscaping(false);
} else if (tok.equals(SWITCH_QUOTE_ATTRIBUTE_EL)) {
setQuoteAttributeEL(true);
+ } else if (tok.equals(SWITCH_NO_QUOTE_ATTRIBUTE_EL)) {
+ setQuoteAttributeEL(false);
} else {
if (tok.startsWith("-")) {
throw new JasperException("Unrecognized option: " + tok +
Modified: tomcat/trunk/java/org/apache/jasper/compiler/AttributeParser.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/compiler/AttributeParser.java?rev=1716347&r1=1716346&r2=1716347&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/jasper/compiler/AttributeParser.java (original)
+++ tomcat/trunk/java/org/apache/jasper/compiler/AttributeParser.java Wed Nov 25 10:42:10 2015
@@ -39,9 +39,10 @@ public class AttributeParser {
* where the JSP attribute is defined.
* @param isDeferredSyntaxAllowedAsLiteral
* Are deferred expressions treated as literals?
- * @param strict Should the rules of JSP.1.6 for escpaing quotes be
- * strictly applied?
- * @param quoteAttributeEL
+ * @param strict Should the rules of JSP.1.6 for escaping of quotes
+ * be strictly applied?
+ * @param quoteAttributeEL Should the rules of JSP.1.6 for escaping in
+ * attributes be applied to EL in attribute values?
* @return An unquoted JSP attribute that, if it contains
* expression language can be safely passed to the EL
* processor without fear of ambiguity.
Modified: tomcat/trunk/test/org/apache/el/TestELInJsp.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/el/TestELInJsp.java?rev=1716347&r1=1716346&r2=1716347&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/el/TestELInJsp.java (original)
+++ tomcat/trunk/test/org/apache/el/TestELInJsp.java Wed Nov 25 10:42:10 2015
@@ -124,6 +124,8 @@ public class TestELInJsp extends TomcatB
// Warning: JSP attribute escaping != Java String escaping
assertEcho(result, "00-\\'hello world\\'");
assertEcho(result, "01-\\'hello world\\'");
+ assertEcho(result, "02-\\'hello world\\'");
+ assertEcho(result, "03-\\'hello world\\'");
res = getUrl("http://localhost:" + getPort() + "/test/bug45nnn/bug45451b.jsp");
result = res.toString();
Modified: tomcat/trunk/test/webapp/bug45nnn/bug45427.jsp
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/webapp/bug45nnn/bug45427.jsp?rev=1716347&r1=1716346&r2=1716347&view=diff
==============================================================================
--- tomcat/trunk/test/webapp/bug45nnn/bug45427.jsp (original)
+++ tomcat/trunk/test/webapp/bug45nnn/bug45427.jsp Wed Nov 25 10:42:10 2015
@@ -28,12 +28,12 @@
<p>07-${"hello \"world"}</p>
<tags:echo echo="08-${'hello world'}" />
- <tags:echo echo="09-${'hello \'world'}" />
- <tags:echo echo="10-${'hello "world'}" />
- <tags:echo echo="11-${'hello \"world'}" />
+ <tags:echo echo="09-${'hello \\'world'}" />
+ <tags:echo echo="10-${'hello \"world'}" />
+ <tags:echo echo="11-${'hello \\\"world'}" />
<tags:echo echo='12-${"hello world"}' />
- <tags:echo echo='13-${"hello 'world"}' />
- <tags:echo echo='14-${"hello \'world"}' />
- <tags:echo echo='15-${"hello \"world"}' />
+ <tags:echo echo='13-${"hello \'world"}' />
+ <tags:echo echo='14-${"hello \\\'world"}' />
+ <tags:echo echo='15-${"hello \\"world"}' />
</body>
</html>
\ No newline at end of file
Modified: tomcat/trunk/test/webapp/bug45nnn/bug45451.jspf
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/webapp/bug45nnn/bug45451.jspf?rev=1716347&r1=1716346&r2=1716347&view=diff
==============================================================================
--- tomcat/trunk/test/webapp/bug45nnn/bug45451.jspf (original)
+++ tomcat/trunk/test/webapp/bug45nnn/bug45451.jspf Wed Nov 25 10:42:10 2015
@@ -27,12 +27,12 @@
<tags:echo echo="13-\\\${1+1}" />
<tags:echo echo="14-\\\\${1+1}" />
<tags:echo echo="15-\$500" />
-<tags:echo echo="16-${'\\$'}" />
-<tags:echo echo="17-${'\\${'}" />
+<tags:echo echo="16-${'\\\\$'}" />
+<tags:echo echo="17-${'\\\\${'}" />
<tags:echo-deferred echo="20-#{1+1}" />
<tags:echo-deferred echo="21-\#{1+1}" />
<tags:echo-deferred echo="22-\\#{1+1}" />
<tags:echo-deferred echo="23-\\\#{1+1}" />
<tags:echo-deferred echo="24-\\\\#{1+1}" />
-<tags:echo-deferred echo="25-#{'\\#'}" />
-<tags:echo-deferred echo="26-#{'\\#{'}" />
\ No newline at end of file
+<tags:echo-deferred echo="25-#{'\\\\#'}" />
+<tags:echo-deferred echo="26-#{'\\\\#{'}" />
\ No newline at end of file
Modified: tomcat/trunk/test/webapp/bug45nnn/bug45451a.jsp
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/webapp/bug45nnn/bug45451a.jsp?rev=1716347&r1=1716346&r2=1716347&view=diff
==============================================================================
--- tomcat/trunk/test/webapp/bug45nnn/bug45451a.jsp (original)
+++ tomcat/trunk/test/webapp/bug45nnn/bug45451a.jsp Wed Nov 25 10:42:10 2015
@@ -19,6 +19,8 @@
<head><title>Bug 45451 test case</title></head>
<body>
<tags:echo echo="00-\\\'${'hello world'}\\\'" />
- <tags:echo echo='01-\\\'${"hello world"}\\\'' />
+ <tags:echo echo="01-\\\'${\"hello world\"}\\\'" />
+ <tags:echo echo='02-\\\'${\'hello world\'}\\\'' />
+ <tags:echo echo='03-\\\'${"hello world"}\\\'' />
</body>
</html>
\ No newline at end of file
Modified: tomcat/trunk/test/webapp/el-method.jsp
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/webapp/el-method.jsp?rev=1716347&r1=1716346&r2=1716347&view=diff
==============================================================================
--- tomcat/trunk/test/webapp/el-method.jsp (original)
+++ tomcat/trunk/test/webapp/el-method.jsp Wed Nov 25 10:42:10 2015
@@ -28,10 +28,10 @@
pageContext.setAttribute("testBeanA", beanA, PageContext.REQUEST_SCOPE);
pageContext.setAttribute("testBeanB", beanB, PageContext.REQUEST_SCOPE);
%>
- <tags:echo echo="00-${testBeanA["bean"].sayHello('JUnit')}" />
+ <tags:echo echo="00-${testBeanA[\"bean\"].sayHello('JUnit')}" />
<tags:echo echo="01-${testBeanA.bean.sayHello('JUnit')}" />
<tags:echo echo="02-${testBeanB.sayHello('JUnit')}" />
- <tags:echo-deferred echo="03-#{testBeanA["bean"].sayHello('JUnit')}" />
+ <tags:echo-deferred echo="03-#{testBeanA[\"bean\"].sayHello('JUnit')}" />
<tags:echo-deferred echo="04-#{testBeanA.bean.sayHello('JUnit')}" />
<tags:echo-deferred echo="05-#{testBeanB.sayHello('JUnit')}" />
</body>
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1716347&r1=1716346&r2=1716347&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Nov 25 10:42:10 2015
@@ -104,6 +104,17 @@
</fix>
</changelog>
</subsection>
+ <subsection name="Jasper">
+ <changelog>
+ <fix>
+ <bug>57136#c25</bug>: Change default value of
+ <code>quoteAttributeEL</code> setting in Jasper to be <code>true</code>
+ for better compatibility with other implementations and older versions
+ of Tomcat. Add command line option <code>-no-quoteAttributeEL</code> in
+ JspC. (kkolinko)
+ </fix>
+ </changelog>
+ </subsection>
<subsection name="Cluster">
<changelog>
<fix>
Modified: tomcat/trunk/webapps/docs/jasper-howto.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/jasper-howto.xml?rev=1716347&r1=1716346&r2=1716347&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/jasper-howto.xml (original)
+++ tomcat/trunk/webapps/docs/jasper-howto.xml Wed Nov 25 10:42:10 2015
@@ -203,10 +203,10 @@ for attribute values, should the rules i
characters be strictly applied? <code>true</code> or <code>false</code>, default
<code>true</code>.</li>
-<li><strong>quoteAttributeEL</strong> - When EL is used in JSP attribute values,
-should the rules for quoting of attributes described in JSP.1.6 be applied to
-the expression? <code>true</code> or <code>false</code>, default
-<code>false</code>.</li>
+<li><strong>quoteAttributeEL</strong> - When EL is used in an attribute value
+on a JSP page, should the rules for quoting of attributes described in JSP.1.6
+be applied to the expression? <code>true</code> or <code>false</code>, default
+<code>true</code>.</li>
</ul>
<p>The Java compiler from Eclipse JDT in included as the default compiler. It is
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org