[jira] [Resolved] (AMQ-4218) JMS selector statement not displayed correctly in subscribers web view if contains XML-prohibited characters

Tue, 11 Dec 2012 08:33:23 -0800 

     [ 
https://issues.apache.org/jira/browse/AMQ-4218?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Timothy Bish resolved AMQ-4218.
-------------------------------

       Resolution: Fixed
    Fix Version/s: 5.8.0
         Assignee: Timothy Bish

Patch looks good, thanks. 
                
> JMS selector statement not displayed correctly in subscribers web view if 
> contains XML-prohibited characters
> ------------------------------------------------------------------------------------------------------------
>
>                 Key: AMQ-4218
>                 URL: https://issues.apache.org/jira/browse/AMQ-4218
>             Project: ActiveMQ
>          Issue Type: Bug
>    Affects Versions: 5.7.0
>            Reporter: Dawid Wróbel
>            Assignee: Timothy Bish
>            Priority: Minor
>              Labels: escaping, jsp, selector, web-ui, webconsole, webgui, xml
>             Fix For: 5.8.0
>
>         Attachments: AMQ-4218.patch
>
>
> The issue reported affects two similar use cases:
> * XML view of JMS subscribers is rendered with syntax errors if any of the 
> subscribers has a selector containing an XML-prohibited character in its 
> statement, e.g. {{PROPERTY <> VALUE}} selector statement contains {{<}} and 
> {{>}} characters that cause XML syntax errors
> * HTML view of JMS subscribers does not properly display the selector 
> statement if it contains any of the XML-prohibited characters in it, e.g. 
> {{PROPERTY <> VALUE}} will be displayed as {{PROPERTY VALUE}} - both the 
> {{<}} and {{>}} characters are stripped out
>  
> The solution is to use the {{<c:out value=""/>}} syntax whenever an 
> XML-unescaped string is to be outputted - the {{c:out}} has the {{escapeXml}} 
> property set to {{true}} by default which does the trick.
> I have attached the patch that fixes the XML escaping for JMS selector. 
> Please note that I could not find any JMS naming specification to make sure 
> whether the JMS selector is the only field that is allowed to contain 
> XML-prohibited characters. Therefore I would advise the patch reviewer to 
> figure  out whether this fix should also be applied to JMS Client ID, 
> Connection ID, Destination Name and Subscription name fields.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to