You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2008/04/11 22:07:28 UTC
svn commit: r647289 - in /tomcat/trunk/java/org/apache/catalina/ssi:
SSIEcho.java SSIMediator.java
Author: markt
Date: Fri Apr 11 13:07:26 2008
New Revision: 647289
URL: http://svn.apache.org/viewvc?rev=647289&view=rev
Log:
Fix bug 44392. HTML entities not resolved in SSI.
Modified:
tomcat/trunk/java/org/apache/catalina/ssi/SSIEcho.java
tomcat/trunk/java/org/apache/catalina/ssi/SSIMediator.java
Modified: tomcat/trunk/java/org/apache/catalina/ssi/SSIEcho.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ssi/SSIEcho.java?rev=647289&r1=647288&r2=647289&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/ssi/SSIEcho.java (original)
+++ tomcat/trunk/java/org/apache/catalina/ssi/SSIEcho.java Fri Apr 11 13:07:26 2008
@@ -37,20 +37,14 @@
*/
public long process(SSIMediator ssiMediator, String commandName,
String[] paramNames, String[] paramValues, PrintWriter writer) {
- long lastModified = 0;
String encoding = DEFAULT_ENCODING;
+ String originalValue = null;
String errorMessage = ssiMediator.getConfigErrMsg();
for (int i = 0; i < paramNames.length; i++) {
String paramName = paramNames[i];
String paramValue = paramValues[i];
if (paramName.equalsIgnoreCase("var")) {
- String variableValue = ssiMediator.getVariableValue(
- paramValue, encoding);
- if (variableValue == null) {
- variableValue = MISSING_VARIABLE_VALUE;
- }
- writer.write(variableValue);
- lastModified = System.currentTimeMillis();
+ originalValue = paramValue;
} else if (paramName.equalsIgnoreCase("encoding")) {
if (isValidEncoding(paramValue)) {
encoding = paramValue;
@@ -63,7 +57,13 @@
writer.write(errorMessage);
}
}
- return lastModified;
+ String variableValue = ssiMediator.getVariableValue(
+ originalValue, encoding);
+ if (variableValue == null) {
+ variableValue = MISSING_VARIABLE_VALUE;
+ }
+ writer.write(variableValue);
+ return System.currentTimeMillis();
}
Modified: tomcat/trunk/java/org/apache/catalina/ssi/SSIMediator.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ssi/SSIMediator.java?rev=647289&r1=647288&r2=647289&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/ssi/SSIMediator.java (original)
+++ tomcat/trunk/java/org/apache/catalina/ssi/SSIMediator.java Fri Apr 11 13:07:26 2008
@@ -27,6 +27,7 @@
import org.apache.catalina.util.DateTool;
import org.apache.catalina.util.Strftime;
import org.apache.catalina.util.URLEncoder;
+import org.apache.tomcat.util.http.HttpMessages;
/**
* Allows the different SSICommand implementations to share data/talk to each
* other
@@ -205,10 +206,31 @@
* new resolved string.
*/
public String substituteVariables(String val) {
- // If it has no variable references then no work
+ // If it has no references or HTML entities then no work
// need to be done
- if (val.indexOf('$') < 0) return val;
+ if (val.indexOf('$') < 0 && val.indexOf('&') < 0) return val;
+
+ // HTML decoding
+ val.replace("<", "<");
+ val.replace(">", ">");
+ val.replace(""", "\"");
+ val.replace("&", "&");
+
StringBuffer sb = new StringBuffer(val);
+ int charStart = sb.indexOf("&#");
+ while (charStart > -1) {
+ int charEnd = sb.indexOf(";", charStart);
+ if (charEnd > -1) {
+ char c = (char) Integer.parseInt(
+ sb.substring(charStart + 2, charEnd));
+ sb.delete(charStart, charEnd + 1);
+ sb.insert(charStart, c);
+ charStart = sb.indexOf("&#");
+ } else {
+ break;
+ }
+ }
+
for (int i = 0; i < sb.length();) {
// Find the next $
for (; i < sb.length(); i++) {
@@ -279,8 +301,7 @@
} else if (encoding.equalsIgnoreCase("none")) {
retVal = value;
} else if (encoding.equalsIgnoreCase("entity")) {
- //Not sure how this is really different than none
- retVal = value;
+ retVal = HttpMessages.filter(value);
} else {
//This shouldn't be possible
throw new IllegalArgumentException("Unknown encoding: " + encoding);
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org