[
https://issues.apache.org/jira/browse/OFBIZ-5953?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14321737#comment-14321737
]
Jacques Le Roux edited comment on OFBIZ-5953 at 7/2/15 12:09 PM:
-----------------------------------------------------------------
Thanks Jacopo, excellent article!
I meant this one
http://security.coverity.com/blog/2013/Nov/to-escape-or-not-to-escape-that-is-the-question.html
suggested in OFBIz-5910
was (Author: jacques.le.roux):
Thanks Jacopo, excellent article!
> Problem with new UtilCodec code caused by HTMLEntityCodec.decode()
> ------------------------------------------------------------------
>
> Key: OFBIZ-5953
> URL: https://issues.apache.org/jira/browse/OFBIZ-5953
> Project: OFBiz
> Issue Type: Bug
> Components: framework
> Affects Versions: Trunk
> Reporter: Christian Carlow
> Fix For: 14.12.01, Upcoming Branch
>
>
> From Adrian on ML:
> When I navigate to
> https://localhost:8443/accounting/control/paymentOverview?paymentId=8004 many
> exceptions are thrown and the screen fails to render. I tried changing
> WidgetWorker.java line 74 to localRequestName =
> UtilCodec.canonicalize(localRequestName, false, false); which fixed the
> exceptions, but the generated link is wrong. I don't know how to fix it.
> Errors related to this class are also thrown at
> accounting/control/invoiceOverview. Setting a breakpoint at line 167 of
> UtilCodec.java shows that 2 HTMLEntityCodec.decode calls transforms the URL
> from
> EditAcctgTrans?acctgTransId=10070&organizationPartyId=10010 to
> EditAcctgTrans?acctgTransId=10070&organizationPartyId=10010 to
> EditAcctgTrans?acctgTransId=10070∨ganizationPartyId=10010.
> Not sure if the error is in class UtilCode or HTMLEntityCodec.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
