[
https://issues.apache.org/struts/browse/WW-2993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=46069#action_46069
]
Qiang Zheng commented on WW-2993:
---------------------------------
I agree. That looks even better on balance of readability and conciseness.
> double Name expression gets escaped without being evaluated
> -----------------------------------------------------------
>
> Key: WW-2993
> URL: https://issues.apache.org/struts/browse/WW-2993
> Project: Struts 2
> Issue Type: Bug
> Affects Versions: 2.0.14
> Reporter: Qiang Zheng
> Assignee: Wes Wannemacher
> Fix For: 2.1.7
>
>
> In DoubleListUIBean.java, there is one piece of code trying to populate
> "doubleId" parameter. Looks like when "form!=null" this.doubleName get
> escaped without being evaluated. The counter part in "form is null" case does
> "findString" before do "escape". This cause problem when we pass in
> doubleName as
> "%{#attr.name}", the lower part of "doubleId" became "_%{#attr_name}". Here
> is the code.
> -----------------------------------------------------------------
> if (doubleId != null) {
> .....
> } else if (form != null) {
> addParameter("doubleId", form.getParameters().get("id") + "_"
> +escape(this.doubleName));
> } else {
> addParameter("doubleId", escape(doubleName !=null ?
> findString(doubleName) : null));
> }
> -----------------------------------------------------------------
> Should it acutally be:
> if (doubleId != null) {
> .....
> } else if (form != null) {
> addParameter("doubleId", form.getParameters().get("id") + "_"
> +escape(doubleName !=null ? findString(doubleName) : null));
> } else {
> addParameter("doubleId", escape(doubleName !=null ?
> findString(doubleName) : null));
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
