[jira] Commented: (OFBIZ-2231) Escaped ampersands in xml import need to be reencoded

Stephen Rufle (JIRA) Fri, 06 Mar 2009 14:42:30 -0800

    [ 
https://issues.apache.org/jira/browse/OFBIZ-2231?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12679750#action_12679750
 ]


Stephen Rufle commented on OFBIZ-2231:
--------------------------------------

The limiting factor seems to be that we have to treat it as plain text
because it has already been run through the security stuff. Would it be
possible to allow for a certain URL to be excluded from the security check?


> Escaped  ampersands in xml import need to be reencoded
> ------------------------------------------------------
>
>                 Key: OFBIZ-2231
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-2231
>             Project: OFBiz
>          Issue Type: Bug
>          Components: framework
>    Affects Versions: SVN trunk
>         Environment: Windows XP
>            Reporter: Stephen Rufle
>             Fix For: SVN trunk
>
>         Attachments: 2009-03-06_WebToolsServices.patch
>
>
>  While trying to import
> {code:xml} 
> <PostalAddress toName="To" stateProvinceGeoId="NJ" postalCode="08873" 
> countryGeoId="USA" contactMechId="001" city="SOMERSET" attnName="Steve"
>  address2="100 Some Ave" address1="First&amp;Broadway"/>
> {code} 
> got the following exception. I think that the recent security stuff encodes 
> the xml so it is no longer valid during the reader.parse call in 
> org.ofbiz.webtools.WebToolsServices.parseEntityXmlFile(...) 
> My solution is to make a call to 
> {code}
> xmltext= StringUtil.replaceString(xmltext, "&", "\&amp;");
> {code}
> before reader.parse is called
> {code}
> An error occurred saving the data, rolling back transaction (true)
> Exception: org.xml.sax.SAXException
> Message: Error storing value
> ---- stack trace 
> ---------------------------------------------------------------
> org.ofbiz.entity.GenericEntityException: Error while inserting: 
> [GenericEntity:PartyRelationship]...
> javolution.xml.sax.XMLReaderImpl.parseAll(Unknown Source)
> javolution.xml.sax.XMLReaderImpl.parse(Unknown Source)
> org.ofbiz.entity.util.EntitySaxReader.parse(EntitySaxReader.java:258)
> org.ofbiz.entity.util.EntitySaxReader.parse(EntitySaxReader.java:209)
> org.ofbiz.webtools.WebToolsServices.parseEntityXmlFile(WebToolsServices.java:459)
> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> java.lang.reflect.Method.invoke(Unknown Source)
> org.ofbiz.service.engine.StandardJavaEngine.serviceInvoker(StandardJavaEngine.java:96)
> org.ofbiz.service.engine.StandardJavaEngine.runSync(StandardJavaEngine.java:54)
> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:384)
> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:213)
> org.ofbiz.service.GenericDispatcher.runSync(GenericDispatcher.java:148)
> org.ofbiz.webtools.WebToolsServices.entityImport(WebToolsServices.java:203)
> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> java.lang.reflect.Method.invoke(Unknown Source)
> org.ofbiz.service.engine.StandardJavaEngine.serviceInvoker(StandardJavaEngine.java:96)
> org.ofbiz.service.engine.StandardJavaEngine.runSync(StandardJavaEngine.java:54)
> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:384)
> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:213)
> org.ofbiz.service.GenericDispatcher.runSync(GenericDispatcher.java:148)
> org.ofbiz.webapp.event.ServiceEventHandler.invoke(ServiceEventHandler.java:328)
> org.ofbiz.webapp.control.RequestHandler.runEvent(RequestHandler.java:530)
> org.ofbiz.webapp.control.RequestHandler.doRequest(RequestHandler.java:328)
> org.ofbiz.webapp.control.ControlServlet.doGet(ControlServlet.java:201)
> org.ofbiz.webapp.control.ControlServlet.doPost(ControlServlet.java:77)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> org.ofbiz.webapp.control.ContextFilter.doFilter(ContextFilter.java:259)
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:568)
> org.ofbiz.catalina.container.CrossSubdomainSessionValve.invoke(CrossSubdomainSessionValve.java:44)
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
> java.lang.Thread.run(Unknown Source)
> ---------------------------------------------------------------
> {code}

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (OFBIZ-2231) Escaped ampersands in xml import need to be reencoded

Reply via email to