You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@myfaces.apache.org by "Ken Weiner (JIRA)" <de...@myfaces.apache.org> on 2006/01/17 20:16:42 UTC

[jira] Created: (MYFACES-1036) HtmlMessageRenderer's replacement of input ID with input label fails when label is not escaped

HtmlMessageRenderer's replacement of input ID with input label fails when label is not escaped
----------------------------------------------------------------------------------------------

         Key: MYFACES-1036
         URL: http://issues.apache.org/jira/browse/MYFACES-1036
     Project: MyFaces
        Type: Bug
  Components: Tomahawk  
    Versions: 1.1.1    
    Reporter: Ken Weiner


If you try to use <t:message> with an input component that has a label that is not escaped properly (has a '$' or some other special regex character), the rendering of the message component fails with the following error:

The following exception is thrown:

 java.lang.IndexOutOfBoundsException: No group 1
	at java.util.regex.Matcher.group(Matcher.java:463)
	at java.util.regex.Matcher.appendReplacement(Matcher.java:730)
	at java.util.regex.Matcher.replaceAll(Matcher.java:806)
	at java.lang.String.replaceAll(String.java:2000)
	at org.apache.myfaces.renderkit.html.ext.HtmlMessageRenderer.getDetail(HtmlMessageRenderer.java:107)
        ...

This happens when replaceAll() is called in the following places:

org.apache.myfaces.renderkit.html.ext.HtmlMessageRenderer.getSummary()
    ...
            msgSummary = msgSummary.replaceAll(findInputId(facesContext, msgClientId),inputLabel); (line 72)

    ...

org.apache.myfaces.renderkit.html.ext.HtmlMessageRenderer.getDetail()
    ...
            msgDetail = msgDetail.replaceAll(findInputId(facesContext, msgClientId),inputLabel); (line 108)

   ...

If the inputLabel string contains a '$', then it breaks.

I think the proper fix would be to replace all regex special characters in inputLabel with their escaped sequences right before calling replaceAll().  For example:

        inputLabel = inputLabel.replaceAll("\\\\", "\\\\\\\\").replaceAll("\\$", "\\\\\\$");

I don't know regex well enough to know what all the special characters are or if there is some method that can be called to do this escaping for us.  I'd be happy to submit a patch if someone could help me determine what the proper fix would be.  Thanks.


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira

[jira] Commented: (TOMAHAWK-18) HtmlMessageRenderer's replacement of input ID with input label fails when label is not escaped

Posted by "Simon Kitching (JIRA)" <de...@myfaces.apache.org>.

    [ http://issues.apache.org/jira/browse/TOMAHAWK-18?page=comments#action_12449551 ] 
            
Simon Kitching commented on TOMAHAWK-18:
----------------------------------------

Just wanted to note that the project I am currently working on also got bitten by this bug and we currently have a workaround for this, based on the above regex.

> HtmlMessageRenderer's replacement of input ID with input label fails when label is not escaped
> ----------------------------------------------------------------------------------------------
>
>                 Key: TOMAHAWK-18
>                 URL: http://issues.apache.org/jira/browse/TOMAHAWK-18
>             Project: MyFaces Tomahawk
>          Issue Type: Bug
>          Components: Message(s)
>            Reporter: Ken Weiner
>
> If you try to use <t:message> with an input component that has a label that is not escaped properly (has a '$' or some other special regex character), the rendering of the message component fails with the following error:
> The following exception is thrown:
>  java.lang.IndexOutOfBoundsException: No group 1
> 	at java.util.regex.Matcher.group(Matcher.java:463)
> 	at java.util.regex.Matcher.appendReplacement(Matcher.java:730)
> 	at java.util.regex.Matcher.replaceAll(Matcher.java:806)
> 	at java.lang.String.replaceAll(String.java:2000)
> 	at org.apache.myfaces.renderkit.html.ext.HtmlMessageRenderer.getDetail(HtmlMessageRenderer.java:107)
>         ...
> This happens when replaceAll() is called in the following places:
> org.apache.myfaces.renderkit.html.ext.HtmlMessageRenderer.getSummary()
>     ...
>             msgSummary = msgSummary.replaceAll(findInputId(facesContext, msgClientId),inputLabel); (line 72)
>     ...
> org.apache.myfaces.renderkit.html.ext.HtmlMessageRenderer.getDetail()
>     ...
>             msgDetail = msgDetail.replaceAll(findInputId(facesContext, msgClientId),inputLabel); (line 108)
>    ...
> If the inputLabel string contains a '$', then it breaks.
> I think the proper fix would be to replace all regex special characters in inputLabel with their escaped sequences right before calling replaceAll().  For example:
>         inputLabel = inputLabel.replaceAll("\\\\", "\\\\\\\\").replaceAll("\\$", "\\\\\\$");
> I don't know regex well enough to know what all the special characters are or if there is some method that can be called to do this escaping for us.  I'd be happy to submit a patch if someone could help me determine what the proper fix would be.  Thanks.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira