You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by jl...@apache.org on 2021/01/23 16:57:23 UTC

[ofbiz-framework] branch trunk updated: Fixed: Ampersand in Party not displayed correctly (OFBIZ-12140)

This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git


The following commit(s) were added to refs/heads/trunk by this push:
     new cb9c366  Fixed: Ampersand in Party not displayed correctly (OFBIZ-12140)
cb9c366 is described below

commit cb9c366327ac3c0666686cfd1ee108f3b1d994a3
Author: Jacques Le Roux <ja...@les7arts.com>
AuthorDate: Sat Jan 23 17:47:46 2021 +0100

    Fixed: Ampersand in Party not displayed correctly (OFBIZ-12140)
    
    In the reported case, ModelFormField::getDescription double HTML encodes the
    description when both the entity and the description contain an ampersand.
    
    A solution is to test if the description is already HTML encoded before encoding
    it again. If HTML encoded then only String encodes it.
    
    BTW I'm not sure it's useful but it's harmless, the same solution can be applied
    to OFBIZ-12026 and similarly in renderableFtlFormElementsBuilder::encode. I'll
    do as improvements...
    
    Thanks: Andrew Waters for report and help in analysis
---
 .../main/java/org/apache/ofbiz/widget/model/ModelFormField.java   | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/framework/widget/src/main/java/org/apache/ofbiz/widget/model/ModelFormField.java b/framework/widget/src/main/java/org/apache/ofbiz/widget/model/ModelFormField.java
index 5c75f73..f126ea2 100644
--- a/framework/widget/src/main/java/org/apache/ofbiz/widget/model/ModelFormField.java
+++ b/framework/widget/src/main/java/org/apache/ofbiz/widget/model/ModelFormField.java
@@ -41,6 +41,7 @@ import java.util.function.Predicate;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
+import org.apache.commons.text.StringEscapeUtils;
 import org.apache.ofbiz.base.conversion.ConversionException;
 import org.apache.ofbiz.base.conversion.DateTimeConverters;
 import org.apache.ofbiz.base.conversion.DateTimeConverters.StringToTimestamp;
@@ -1526,7 +1527,12 @@ public class ModelFormField {
             if (UtilValidate.isEmpty(retVal)) {
                 retVal = "";
             } else if (this.getModelFormField().getEncodeOutput()) {
-                UtilCodec.SimpleEncoder simpleEncoder = (UtilCodec.SimpleEncoder) context.get("simpleEncoder");
+                UtilCodec.SimpleEncoder simpleEncoder = null;
+                if (retVal.equals(StringEscapeUtils.unescapeEcmaScript(StringEscapeUtils.unescapeHtml4(retVal)))) {
+                    simpleEncoder = (UtilCodec.SimpleEncoder) context.get("simpleEncoder");
+                } else {
+                    simpleEncoder = UtilCodec.getEncoder("string");
+                }
                 if (simpleEncoder != null) {
                     retVal = simpleEncoder.encode(retVal);
                 }