>Number: 2592
>Category: other
>Synopsis: <SERVLET> parameters enclosed in single quotes doesn't work
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: apache
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Sat Jul 11 23:30:01 PDT 1998
>Last-Modified:
>Originator: [EMAIL PROTECTED]
>Organization:
apache
>Release: JServ 0.9.11/Apache 1.3.0
>Environment:
Any OS, problem in Java code
>Description:
<SERVLET> parameters enclosed in single-quotes are not handled
correctly in SGMLTag.
>How-To-Repeat:
Try reading the value of a parameter passed to a Servlet called
through a <SERVLET> tag in a jhtml file, e.g.
<SERVLET NAME=test>
<PARAM NAME=foo VALUE='quotes are passed as part of value'>
</SERVLET>
>Fix:
The following modified version of SGMLTag.nextToken() corrects the problem:
public static String nextToken(String string, int index)
{
String token = "";
char c = string.charAt(index);
// quoted string? (handle both single and double added)
if (c == '"' || c == ''') {
boolean inSingle = false;
boolean inDouble = false;
if (c == ''') inSingle = true; else inDouble = true;
token += c;
do {
c = string.charAt(++index);
if (c == '\\') token += string.charAt(++index);
else token += c;
} while ((inDouble && c != '"') || (inSingle && c != '''));
}
// parameter delimiter?
else if (isDelimiter(c))
token += c;
// word token?
else if (!isWhiteSpace(c)) {
do { token += c; c = string.charAt(++index); }
while (!isWhiteSpace(c) && !isDelimiter(c));
}
// otherwise, give back a null
else token = null;
return token;
}
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <[EMAIL PROTECTED]> in the Cc line ]
[and leave the subject line UNCHANGED. This is not done]
[automatically because of the potential for mail loops. ]
