You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by "Uther, James" <Ja...@F-Secure.com> on 2001/09/26 13:30:21 UTC
%=x% expression syntax bug in XML jsp?
Hi All,
My reading of ParserXJspSaxHandler.java suggests that the shorthand
expression syntax for jsp1.3 xml documents (%=x%) is not handled in
'uninterpreted' tags (ie: tags that are not taglibs or jsp:).
Is this a bug or per spec? My reading of the spec suggests it's a bug, but i
could well be missing something.
The problem can be illustrated as follows:
take this jsp page
---------------
<?xml version="1.0" encoding="ISO-8859-1"?>
<jsp:root version="1.2" xmlns:jsp="http://java.sun.com/JSP/Page">
<jsp:directive.page contentType="test/xml+svg" />
<jsp:scriptlet><![CDATA[
String t = "test";
String xpos = "10";
]]></jsp:scriptlet>
<jsp:text><![CDATA[<?xml version="1.0" encoding="ISO-8859-1" ?>
]]></jsp:text>
<svg width="100" height="100" xmlns='http://www.w3.org/2000/svg'>
<text y="10"
x="%=xpos%"><jsp:expression>t</jsp:expression></text>
</svg>
</jsp:root>
---------------
My problem is that the
x="%=xpos%"
expression is not expanded (in tomcat 4.0), so the generated SVG document
looks like
<snippet>
<text y="10" x="%=xpos%">test</text>
</snippet>
cheers,
james
--
James Uther www.F-Secure.com
Senior Software Engineer F-Secure Corporation
Securing the Mobile Enterprise
Re: %=x% expression syntax bug in XML jsp?
Posted by "Craig R. McClanahan" <cr...@apache.org>.
On Wed, 26 Sep 2001, Uther, James wrote:
> Date: Wed, 26 Sep 2001 14:30:21 +0300
> From: "Uther, James" <Ja...@F-Secure.com>
> Reply-To: tomcat-dev@jakarta.apache.org
> To: tomcat-dev@jakarta.apache.org
> Subject: %=x% expression syntax bug in XML jsp?
>
> Hi All,
>
> My reading of ParserXJspSaxHandler.java suggests that the shorthand
> expression syntax for jsp1.3 xml documents (%=x%) is not handled in
> 'uninterpreted' tags (ie: tags that are not taglibs or jsp:).
>
> Is this a bug or per spec? My reading of the spec suggests it's a bug, but i
> could well be missing something.
>
My understanding (confirmed by talking with the JSP spec lead) is that
this is not a bug, but is operating per design.
If you made parsing "%=x%" work in template text (which is what the JSP
compiler thinks you are processing when you're not inside a custom tag),
then users would have to escape this kind of character string
*everywhere*, not just in what looks like a tag attribute.
Also, there's no requirement that the template text itself look like HTML
or XML (i.e. it doesn't have to have a syntax that looks like elements
with attributes). So, the JSP compiler cannot attach any semantic
significance to what "looks like" a tag but is not a tag it recognizes
(i.e. a built-in <jsp:xxx> tag or a defined custom tag).
> The problem can be illustrated as follows:
>
> take this jsp page
> ---------------
> <?xml version="1.0" encoding="ISO-8859-1"?>
>
> <jsp:root version="1.2" xmlns:jsp="http://java.sun.com/JSP/Page">
> <jsp:directive.page contentType="test/xml+svg" />
> <jsp:scriptlet><![CDATA[
> String t = "test";
> String xpos = "10";
> ]]></jsp:scriptlet>
>
> <jsp:text><![CDATA[<?xml version="1.0" encoding="ISO-8859-1" ?>
>
> ]]></jsp:text>
> <svg width="100" height="100" xmlns='http://www.w3.org/2000/svg'>
> <text y="10"
> x="%=xpos%"><jsp:expression>t</jsp:expression></text>
> </svg>
> </jsp:root>
> ---------------
>
> My problem is that the
> x="%=xpos%"
> expression is not expanded (in tomcat 4.0), so the generated SVG document
> looks like
>
> <snippet>
> <text y="10" x="%=xpos%">test</text>
> </snippet>
>
That's correct, because <text> is not recognized as a custom tag.
Choices:
* Create a custom tag <foo:text> which just dumps out the
corresponding <text> tag
* Write the XML syntax in the way that the JSP compiler expects:
<jsp:text><![CDATA[<text y="10" x="]]>
<jsp:expression>xpos</jsp:expression>
<jsp:text><![CDATA[">test</test></jsp:text>
* Use the JSP syntax, where <%= %> expressions *are* recognized
everywhere.
> cheers,
>
> james
>
Craig McClanahan
> --
> James Uther www.F-Secure.com
> Senior Software Engineer F-Secure Corporation
>
> Securing the Mobile Enterprise
>