Hi,
2014-04-28 14:43 GMT+03:00 Konstantin Kolinko <knst.koli...@gmail.com>: > > Hi! > > I am reviewing the ELParser fix for > https://issues.apache.org/bugzilla/show_bug.cgi?id=56334 > > Those are > in 7.0: > http://svn.apache.org/viewvc?view=revision&revision=r1587887 > in 6.0: > > 1). In java/org/apache/jasper/compiler/Validator.java > > There was replacement s/ attrs.getValue(i) / attributeValue / in one > of methods. There were two occurrences where that replacement was not > done - in error messages. I went on and fixed that in r1590604 . > > I'll backport to Tomcat 7 shortly. A cosmetic issue. > > 2) The above mentioned replacement is missing from Validator.java in > Tomcat 6 patch. > > I suspect that this might be a bug in Tomcat 6. > > > 3) A comment in org.apache.jasper.compiler.TestELParser: > > * <li>LiteralExpressions always occur outside of "${...}" and "#{...}". Literal > * expressions escape '#39; and '#' with '\\' if '#39; or '#' is followed by '{' > * but neither '\\' nor '{' is escaped.</li> > > The ["if '#39; or '#' is followed by '{'"] part is not needed. > > As far as I am reading JSP 2.2 spec, $ and # are escaped by '\' > regardless of whether they are followed by '{'. > > The code in ELParser does not check for following '{'. > > (No bug here. The implementation is correct. Only the comment is off). > > 4) Validator$ValidateVisitor$XmlEscapeNonELVisitor.visit(Text) > > The code in ELParser.TextBuilder.visit(Text) was updated to apply > "escapeLiteralExpression()", but the same method in > XmlEscapeNonELVisitor has not been updated. > > I think it is a bug here. Do you want to wait with 7.0.54? Thanks Violeta > Best regards, > Konstantin Kolinko > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org >
