DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4776>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4776 ResponseUtils.filter() does not encode the apostrophe character [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|WONTFIX | ------- Additional Comments From [EMAIL PROTECTED] 2002-06-23 15:04 ------- Reopening this bug because you still don't understand it. What on earth does "not ... typically encoded for browsers" mean? Read my comments again. It DOES NOT MATTER whether or not in actual fact the HTML looks like <tag attr="val"> or <tag attr='val'>, you can always encode both ' and " and no negative effects arise from this. It DOES NOT MATTER if you encode ' and as it turns out the code looks like <tag attr="val">, or indeed if you encode " and as it turns out the code looks like <tag attr='val'>, or indeed if you encode both " and ' and it's not an attribute value at all, but just some body text. At risk of repeating myself, this is a bug and it should be fixed, because leaving it unfixed will occasionally cause (security!) problems, and fixing it will never cause problems, and fixing it is trivial. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
