You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2002/10/31 04:49:54 UTC

DO NOT REPLY [Bug 14113] New: - HTML special characters not escaped in error page output

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14113>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14113

HTML special characters not escaped in error page output

           Summary: HTML special characters not escaped in error page output
           Product: Tomcat 4
           Version: 4.0.4 Final
          Platform: PC
        OS/Version: Windows NT/2K
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: ron.baldwin@sourceprose.com


HTML special characters (e.g. "<", ">") are not being escaped in the stack trace
that is included on the error page.

Example - this is what you should get:

   java.lang.NoClassDefFoundError: com/mycompany/MyClass
      at com.mycompany.MyClass.<init>(MyClass.java:54)

this is what you get:

   java.lang.NoClassDefFoundError: com/mycompany/MyClass
      at com.mycompany.MyClass.(MyClass.java:54)

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>