[
https://issues.apache.org/jira/browse/PLUTO-723?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Neil Griffin closed PLUTO-723.
------------------------------
Resolution: Fixed
Fixed in commit
[2a789eec50296fc02a60b3f31d14eae8d3726063|https://github.com/apache/portals-pluto/commit/2a789eec50296fc02a60b3f31d14eae8d3726063]
> PortletV3Demo DependencyPortlet does not encode the exception message
> ---------------------------------------------------------------------
>
> Key: PLUTO-723
> URL: https://issues.apache.org/jira/browse/PLUTO-723
> Project: Pluto
> Issue Type: Bug
> Components: demo portlets
> Affects Versions: 3.0.1
> Reporter: Neil Griffin
> Assignee: Neil Griffin
> Priority: Major
> Fix For: 3.0.2
>
>
> The PortletV3Demo has the following try/catch block:
> {code:java|title=DependencyPortlet.java}
> try {
> resp.addDependency("Invalid", "attempt", "1.1.1", dep);
> xmap.put(disp, "No exception");
> } catch (Exception e) {
> xmap.put(disp, e.toString());
> }
> {code}
> The call to {{e.toString}} will put the textual message of the exception into
> the map, which eventually gets rendered inside the portlet:
> {code:html|title=dependencyDialog.jsp}
> <h3>Tests for Bad Dependency Strings:</h3>
> <c:forEach items="${xmap}" var="entry">
> <p>
> String: ${entry.key }<br>
> Exception: ${entry.value }
> </p>
> </c:forEach>
> {code}
> The problem is that the {{e.toString}} textual message might contain special
> HTML characters such as the less-than (<) character (as is the case with
> Liferay Portal) which needs to be encoded. Otherwise the {{<script>}} that
> follows will not become part of the DOM:
> {code:html|dependencyDialog.jsp}
> <script>
> $(document).ready(function(){
> $("#<portlet:namespace/>button").click(function(){
> var txt = "jQuery version: " + $().jquery;
> $("#<portlet:namespace/>fadeText").text(txt);
> $("#<portlet:namespace/>fadeBox").fadeIn(3000);
> });
> });
> </script>
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
