[jira] [Updated] (SLING-5869) htl doesn't escape '%' character in uri context

Tue, 19 Jul 2016 04:26:23 -0700 

     [ 
https://issues.apache.org/jira/browse/SLING-5869?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Nicolas Peltier updated SLING-5869:
-----------------------------------
    Description: 
% char in an href will not be escaped by sightly. This will cause an issue in 
case a space is immediately after it, e.g.
"?message=5% fat only" will be escaped like "5%%20fat%20only", and %%20 will 
crash some servers' request processing, at least it crashes sling's with 
something like:
{noformat}
org.apache.sling.engine.impl.parameters.ParameterSupport 
getRequestParameterMapInternal: Error parsing request
java.lang.IllegalArgumentException: Bad escape sequence: %=l
at org.apache.sling.engine.impl.parameters.Util.parseNVPairString(Util.java:330)
at org.apache.sling.engine.impl.parameters.Util.parseQueryString(Util.java:215)
at 
org.apache.sling.engine.impl.parameters.ParameterSupport.getRequestParameterMapInternal(ParameterSupport.java:247)
at 
org.apache.sling.engine.impl.parameters.ParameterSupport.getParameter(ParameterSupport.java:
{noformat}


  was:
% char in an href will not be escaped by sightly. This will cause an issue in 
case a space is immediately after it, e.g.
"5% fat only" will be escaped like "5%%20fat%20only", and %%20 will crash some 
servers' request processing, at least it crashes sling's with something like:
{noformat}
org.apache.sling.engine.impl.parameters.ParameterSupport 
getRequestParameterMapInternal: Error parsing request
java.lang.IllegalArgumentException: Bad escape sequence: %=l
at org.apache.sling.engine.impl.parameters.Util.parseNVPairString(Util.java:330)
at org.apache.sling.engine.impl.parameters.Util.parseQueryString(Util.java:215)
at 
org.apache.sling.engine.impl.parameters.ParameterSupport.getRequestParameterMapInternal(ParameterSupport.java:247)
at 
org.apache.sling.engine.impl.parameters.ParameterSupport.getParameter(ParameterSupport.java:
{noformat}



> htl doesn't escape '%' character in uri context
> -----------------------------------------------
>
>                 Key: SLING-5869
>                 URL: https://issues.apache.org/jira/browse/SLING-5869
>             Project: Sling
>          Issue Type: Bug
>          Components: Scripting
>            Reporter: Nicolas Peltier
>
> % char in an href will not be escaped by sightly. This will cause an issue in 
> case a space is immediately after it, e.g.
> "?message=5% fat only" will be escaped like "5%%20fat%20only", and %%20 will 
> crash some servers' request processing, at least it crashes sling's with 
> something like:
> {noformat}
> org.apache.sling.engine.impl.parameters.ParameterSupport 
> getRequestParameterMapInternal: Error parsing request
> java.lang.IllegalArgumentException: Bad escape sequence: %=l
> at 
> org.apache.sling.engine.impl.parameters.Util.parseNVPairString(Util.java:330)
> at 
> org.apache.sling.engine.impl.parameters.Util.parseQueryString(Util.java:215)
> at 
> org.apache.sling.engine.impl.parameters.ParameterSupport.getRequestParameterMapInternal(ParameterSupport.java:247)
> at 
> org.apache.sling.engine.impl.parameters.ParameterSupport.getParameter(ParameterSupport.java:
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to