This is an automated email from the ASF dual-hosted git repository. jleroux pushed a commit to branch release17.12 in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/release17.12 by this push: new bbc63bc Fixed: Ampersand in Party not displayed correctly (OFBIZ-12140) bbc63bc is described below commit bbc63bc470286693b5984c3a8d3bcac08214edf0 Author: Jacques Le Roux <jacques.le.r...@les7arts.com> AuthorDate: Sat Jan 23 17:47:46 2021 +0100 Fixed: Ampersand in Party not displayed correctly (OFBIZ-12140) In the reported case, ModelFormField::getDescription double HTML encodes the description when both the entity and the description contain an ampersand. A solution is to test if the description is already HTML encoded before encoding it again. If HTML encoded then only String encodes it. BTW I'm not sure it's useful but it's harmless, the same solution can be applied to OFBIZ-12026 and similarly in renderableFtlFormElementsBuilder::encode. I'll do as improvements... Thanks: Andrew Waters for report and help in analysis --- .../main/java/org/apache/ofbiz/widget/model/ModelFormField.java | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/framework/widget/src/main/java/org/apache/ofbiz/widget/model/ModelFormField.java b/framework/widget/src/main/java/org/apache/ofbiz/widget/model/ModelFormField.java index 0e4a900..18c64c8 100644 --- a/framework/widget/src/main/java/org/apache/ofbiz/widget/model/ModelFormField.java +++ b/framework/widget/src/main/java/org/apache/ofbiz/widget/model/ModelFormField.java @@ -36,6 +36,7 @@ import java.util.Map; import java.util.StringTokenizer; import java.util.TimeZone; +import org.apache.commons.text.StringEscapeUtils; import org.apache.ofbiz.base.conversion.ConversionException; import org.apache.ofbiz.base.conversion.DateTimeConverters; import org.apache.ofbiz.base.conversion.DateTimeConverters.StringToTimestamp; @@ -1392,7 +1393,12 @@ public class ModelFormField { if (UtilValidate.isEmpty(retVal)) { retVal = ""; } else if (this.getModelFormField().getEncodeOutput()) { - UtilCodec.SimpleEncoder simpleEncoder = (UtilCodec.SimpleEncoder) context.get("simpleEncoder"); + UtilCodec.SimpleEncoder simpleEncoder = null; + if (retVal.equals(StringEscapeUtils.unescapeEcmaScript(StringEscapeUtils.unescapeHtml4(retVal)))) { + simpleEncoder = (UtilCodec.SimpleEncoder) context.get("simpleEncoder"); + } else { + simpleEncoder = UtilCodec.getEncoder("string"); + } if (simpleEncoder != null) { retVal = simpleEncoder.encode(retVal); }