[
https://issues.apache.org/jira/browse/TOMAHAWK-1222?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12637468#action_12637468
]
Paul Rivera commented on TOMAHAWK-1222:
---------------------------------------
Hi!
I agree with you that value must confirm to the restrictions on component ids
imposed by the specification. I've checked the JSF specification for both 1.1
and 1.2 and under the section 'Client Identifiers' there is no mention of a
specific format for clientId.
But for myfaces, the clientId can contain numbers, letters, -, and _ only.
Mojarra has the same constraint.
I suggest we do the same check that UIComponentBase.isIdValid() does. If the
value from forceIdIndexFormula contains characters other than those mentioned
above, we should throw an exception and not encode it.
Here's a sample of what was rendered from my test case (attached above as
testcase1.rar):
<tr><td>TEXT2 '<>>/>"</td><td><a href="#" onclick="return
oamSubmitForm('mainForm','mainForm:itemsTable:TEXT2
'<>>/>":deleteLinkX');" id="mainForm:itemsTable:TEXT2
'<>>/>":deleteLinkX">delete</a></td></tr>
The malformed id causes oamSubmitForm() not to function properly. The link is
then unable to call the method from my backing bean.
I've attached a patch above named AbstractHtmlDataTable.patch and has already
been tested for both tomahawk11 and tomahawk12.
> forceIdIndexFormula must encode value
> -------------------------------------
>
> Key: TOMAHAWK-1222
> URL: https://issues.apache.org/jira/browse/TOMAHAWK-1222
> Project: MyFaces Tomahawk
> Issue Type: Bug
> Components: Extended Datatable
> Affects Versions: 1.1.6
> Environment: Any
> Reporter: Michael Lipp
> Attachments: AbstractHtmlDataTable.patch, testcase1.rar
>
>
> The documentation does not impose any restriction on the value passed to
> forceIdIndexFormula. But as Tomahawk makes the value returned part of the
> component id, the value must confirm to the restrictions on component ids
> imposed by the specification. This should either be specified in the
> documentation (bad) or the value should be encoded when used in the component
> id (better).
> The problem showed up in my case because the rows displayed show data from an
> LDAP server and the distinguished name used as unique key contains commas.
> This breaks Sun's JSF RI because it creates a JavaScript function invocation
> with "f(id,value)". When the id contains a comma (as in my case) the function
> arguments cannot be seperated properly any more.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
