I think I have got to the bottom of why the EL has been so fragile and why the fixes to the various edge case bug fixes have invariably created new edge cases. It is probably easier to explain by considering an example. Using the echo tag from the newly added EL test cases consider the following JSP extract:
<tags:echo echo="${1+1}" /> <tags:echo echo="\${1+1}" /> <tags:echo echo="\\${1+1}" /> The JSP and EL specs are a little fuzzy/inconsistent but the guidance we received from the expert group was: - the whole attribute should be unquoted as per the rules for quoting JSP attributes - everything outside an actual expression after unquoting should be treated as a literal The issue is that we performed JSP attribute unquoting and EL parsing in two independent steps. This creates an ambiguity. If the attribute values above are unquoted then we get the following: ${1+1} ${1+1} \${1+1} The first is an EL expression and will be treated as such. The second is a literal. However, the EL parser will treat it as an expression. The third is a literal '\' followed by an expression but the EL parser will see an escaped literal. My proposed solution is to modify the output of the attribute unquoting to ensure the EL Parser correctly interprets the result. ie: ${1+1} ${'$'}{1+1} ${'\'}${1+1} In writing this I think a few of my test cases might still be wrong. I'll take a look and update them as necessary. I have some rough code that implements this scheme. I am in the process of integrating it into Jasper for trunk. I can see this taking little while to iron out the wrinkles before I'll be ready t propose a back-port for 6.0.x. I don't think we should hold up the 6.0.x release for this. I think it is more important to get the next 6.0.x release out than to wait to fix something that has been broken for quite a while anyway. One area where help would be appreciated is in the test cases. If folks see an edge case that isn't covered by the current set of tests please do add it. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org