DisplayTag
  1. DisplayTag
  2. DISPL-316

allow ampersand escaped url in requestURI attribute

    Details

    • Type: Bug Bug
    • Status: Closed Closed
    • Priority: Trivial Trivial
    • Resolution: Incomplete
    • Affects Version/s: 1.1
    • Fix Version/s: None
    • Component/s: HTML Generation
    • Labels:
      None

      Description

      Passing in an ampersand escaped url in requestURI attribute produces wrong pagination/sorting link urls.

      Say requestURI is: http://my.portal/myapp?portalparam1=param1&portalparam2=param2

      A link url may be: http://my.portal/myapp?amp;portalparam2=param1&portalparam1=param1&page=...

      May be DefaultHref fails to tokenize parameters (row 113 as of version 1.1):

      StringTokenizer paramTokenizer = new StringTokenizer(tokenizer.nextToken(), "&");

      with ampersand escaped urls it happens a token to be amp;portalparam2 instead of portalparam2.

        Activity

        Hide
        fabrizio giustina added a comment -
        > http://my.portal/myapp?portalparam1=param1&portalparam2=param2
        an escaped ampersand is not valid in the url: it needs to be escaped in the document, but the browser should unescape it before following the link and sending the request to the server, so http://my.portal/myapp?portalparam1=param1&portalparam2=param2 IS the same as http://my.portal/myapp?amp;portalparam2=param1&portalparam1=param1

        Where are you seeing this problem? How the escaped ampersand is passed to displaytag, is this the behaviour of a specific portal server?
        Show
        fabrizio giustina added a comment - > http://my.portal/myapp?portalparam1=param1&portalparam2=param2 an escaped ampersand is not valid in the url: it needs to be escaped in the document, but the browser should unescape it before following the link and sending the request to the server, so http://my.portal/myapp?portalparam1=param1&portalparam2=param2 IS the same as http://my.portal/myapp?amp;portalparam2=param1&portalparam1=param1 Where are you seeing this problem? How the escaped ampersand is passed to displaytag, is this the behaviour of a specific portal server?
        Hide
        Luca Barozzi added a comment -
        Well, this were the code, in a JSP, creating the problem before the replaceAll("&", "&") were added.

        [...]
                PortletURL listUrl = renderResponse.createActionURL();
                listUrl.setParameter("PAGE", "PROJECTPAGE");
                listUrl.setParameter("SOURCE", "ProjectsList");
                listUrl.setParameter("COMMAND", "LIST");
        => pageContext.setAttribute("listUrl", listUrl.toString().replaceAll("&", "&"));
        [...]
                <dt:table id="progetto" class="list"
                        name="${progetti}" requestURI="${listUrl}"
                        requestURIcontext="false" excludedParams="*">
        [...]
                </dt:table>
        [...]

        the portal is eXo and listUrl contains "&amp;" as of given example. The parameter il passed to the table tag as the requestURI attribute and not unescaped by the browser before string tokenizing.
        Show
        Luca Barozzi added a comment - Well, this were the code, in a JSP, creating the problem before the replaceAll("&amp;", "&") were added. [...]         PortletURL listUrl = renderResponse.createActionURL();         listUrl.setParameter("PAGE", "PROJECTPAGE");         listUrl.setParameter("SOURCE", "ProjectsList");         listUrl.setParameter("COMMAND", "LIST"); => pageContext.setAttribute("listUrl", listUrl.toString().replaceAll("&amp;", "&")); [...]         <dt:table id="progetto" class="list"                 name="${progetti}" requestURI="${listUrl}"                 requestURIcontext="false" excludedParams="*"> [...]         </dt:table> [...] the portal is eXo and listUrl contains "&amp;" as of given example. The parameter il passed to the table tag as the requestURI attribute and not unescaped by the browser before string tokenizing.
        Hide
        fabrizio giustina added a comment -
        escaped ampersands (&amp;) must not be used in tag attributes. The methot you were using was escaping ampersands because it was intended to produce urls to be used in html links.
        Show
        fabrizio giustina added a comment - escaped ampersands (&amp;) must not be used in tag attributes. The methot you were using was escaping ampersands because it was intended to produce urls to be used in html links.

          People

          • Reporter:
            Luca Barozzi
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: