[jira] [Commented] (OFBIZ-13168) String to numeric conversion does not support non-breaking spaces

Sat, 30 Nov 2024 04:21:19 -0800 


    [ 
https://issues.apache.org/jira/browse/OFBIZ-13168?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17902032#comment-17902032
 ] 

ASF subversion and git services commented on OFBIZ-13168:
---------------------------------------------------------

Commit b663c864a7da5450e684feec879ce3cd91a0973d in ofbiz-framework's branch 
refs/heads/release18.12 from Jacques Le Roux
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=b663c864a7 ]

Reverted:  commits post to 761fb67d7f commit (OFBIZ-13162)

This is for a quick test on stable demo. It will be quickly reverted.

Revert "Improved: adds an OFBiz-Online-Documentation.adoc file.txt"
This reverts commit a1342e17b4bb6b4317018e57f3fdb5d3ca835386.

Revert "Improved: Prevent URL parameters manipulation (OFBIZ-13147)"
This reverts commit 59e79c6f39beb031cf2b476215b0701745725a64.

Revert "Fixed: [SECURITY]  Several CVEs in Apache Tomcat (OFBIZ-13180)"
This reverts commit a11e1fba91da54e59c4d7b22cd7562009558bc7f.

Revert "Improved: Prevent URL parameters manipulation (OFBIZ-13147)"
This reverts commit b15ffa06fc348c085ae178a77a4e4e83f610f4f8.

Revert "Fixed: Support non-breaking spaces in numeric strings (OFBIZ-13168)"
This reverts commit 98abd377d05530190ee954bee16768c7dc4adb59.

Revert "Fixed: Support non-breaking spaces in numeric strings (OFBIZ-13168)"
This reverts commit 8a3293a78756827ddaec42456f1b1da59e1e5e58.

Revert "Improved: Prevent URL parameters manipulation (OFBIZ-13147)"
This reverts commit de26aaebb484c7fdfe84b0efff52f31f8db5be8b.

Revert "Improved: updates README.adoc for JDK use, now 11"
This reverts commit 42d0ad8532a1eae80bce597c818ed1a453a9ca9c.


> String to numeric conversion does not support non-breaking spaces
> -----------------------------------------------------------------
>
>                 Key: OFBIZ-13168
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-13168
>             Project: OFBiz
>          Issue Type: Bug
>          Components: ALL COMPONENTS
>    Affects Versions: 18.12.16, Upcoming Branch
>            Reporter: Florian Motteau
>            Assignee: Jacques Le Roux
>            Priority: Minor
>             Fix For: 18.12.18
>
>         Attachments: 845.patch, Image 025.png, Image 026.png, Image 029.png, 
> Image 030.png, Peek 05-11-2024 10-59.mp4, Peek 12-11-2024 12-16.mp4, 
> image-2024-11-05-11-01-13-030.png, image-2024-11-12-09-55-16-578.png
>
>
> When submitting a form with numeric values, OFBiz uses a text input (`<input 
> type="text"/>`), so all characters (entered by hand or pasted) are allowed in 
> the input.
> On form's submission, for numeric fields, the string is parsed using 
> `java.text.NumberFormat` class (parse method), using a number instance 
> formatter.
> This formatter does not supports non-breaking spaces ('\u00A0', '\u202F', 
> '\u2007'), and characters after a non-breaking space are ignored :
> !image-2024-11-05-11-01-13-030.png|width=337,height=153!
> This can lead to a situation where a visually correct form stores wrong 
> values :
> [^Peek 05-11-2024 10-59.mp4]
> One of our client reported this situation while pasting values from external 
> tools. Some values where truncated, because the external tool used 
> non-breaking spaces when displaying values.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to