[jira] Commented: (WW-2993) double Name expression gets escaped without being evaluated

Mon, 20 Apr 2009 07:14:30 -0700 

    [ 
https://issues.apache.org/struts/browse/WW-2993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=46068#action_46068
 ] 

Dave Newton commented on WW-2993:
---------------------------------

I'm perhaps overly-fond of the ternary operator, but that's much harder to read 
and understand. I'd propose this:

    String escDoubleName = escape(doubleName != null ? findString(doubleName) : 
null);
    String doubleId = escDoubleName;
    if (form != null) {
        doubleId = form.getParameters().get("id") + "_" + doubleId;
    }


> double Name expression gets escaped without being evaluated
> -----------------------------------------------------------
>
>                 Key: WW-2993
>                 URL: https://issues.apache.org/struts/browse/WW-2993
>             Project: Struts 2
>          Issue Type: Bug
>    Affects Versions: 2.0.14
>            Reporter: Qiang Zheng
>            Assignee: Wes Wannemacher
>             Fix For: 2.1.7
>
>
> In DoubleListUIBean.java, there is one piece of code trying to populate 
> "doubleId" parameter. Looks like when "form!=null" this.doubleName get 
> escaped without being evaluated. The counter part in "form is null" case does 
> "findString" before do "escape". This cause problem when we pass in 
> doubleName as
> "%{#attr.name}", the lower part of "doubleId" became "_%{#attr_name}". Here 
> is the code.
> -----------------------------------------------------------------
> if (doubleId != null) {
> .....           
>         } else if (form != null) {
>             addParameter("doubleId", form.getParameters().get("id") + "_" 
> +escape(this.doubleName));
>         } else {
>             addParameter("doubleId", escape(doubleName !=null ? 
> findString(doubleName) : null));
>         }
> -----------------------------------------------------------------
> Should it acutally be:
> if (doubleId != null) {
> .....           
>         } else if (form != null) {
>             addParameter("doubleId", form.getParameters().get("id") + "_" 
> +escape(doubleName !=null ? findString(doubleName) : null));
>         } else {
>             addParameter("doubleId", escape(doubleName !=null ? 
> findString(doubleName) : null));
>         }

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to