You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@activemq.apache.org by "Timothy Bish (JIRA)" <ji...@apache.org> on 2012/12/11 17:33:21 UTC

[jira] [Resolved] (AMQ-4218) JMS selector statement not displayed correctly in subscribers web view if contains XML-prohibited characters

     [ https://issues.apache.org/jira/browse/AMQ-4218?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Timothy Bish resolved AMQ-4218.
-------------------------------

       Resolution: Fixed
    Fix Version/s: 5.8.0
         Assignee: Timothy Bish

Patch looks good, thanks. 
                
> JMS selector statement not displayed correctly in subscribers web view if contains XML-prohibited characters
> ------------------------------------------------------------------------------------------------------------
>
>                 Key: AMQ-4218
>                 URL: https://issues.apache.org/jira/browse/AMQ-4218
>             Project: ActiveMQ
>          Issue Type: Bug
>    Affects Versions: 5.7.0
>            Reporter: Dawid Wróbel
>            Assignee: Timothy Bish
>            Priority: Minor
>              Labels: escaping, jsp, selector, web-ui, webconsole, webgui, xml
>             Fix For: 5.8.0
>
>         Attachments: AMQ-4218.patch
>
>
> The issue reported affects two similar use cases:
> * XML view of JMS subscribers is rendered with syntax errors if any of the subscribers has a selector containing an XML-prohibited character in its statement, e.g. {{PROPERTY <> VALUE}} selector statement contains {{<}} and {{>}} characters that cause XML syntax errors
> * HTML view of JMS subscribers does not properly display the selector statement if it contains any of the XML-prohibited characters in it, e.g. {{PROPERTY <> VALUE}} will be displayed as {{PROPERTY VALUE}} - both the {{<}} and {{>}} characters are stripped out
>  
> The solution is to use the {{<c:out value=""/>}} syntax whenever an XML-unescaped string is to be outputted - the {{c:out}} has the {{escapeXml}} property set to {{true}} by default which does the trick.
> I have attached the patch that fixes the XML escaping for JMS selector. 
> Please note that I could not find any JMS naming specification to make sure whether the JMS selector is the only field that is allowed to contain XML-prohibited characters. Therefore I would advise the patch reviewer to figure  out whether this fix should also be applied to JMS Client ID, Connection ID, Destination Name and Subscription name fields.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira