[ http://issues.apache.org/jira/browse/VELTOOLS-52?page=comments#action_12332285 ]
Nathan Bubna commented on VELTOOLS-52: -------------------------------------- Ok. I don't really think your solution is that much harder to maintain that it's worth the performance loss of using the others. Of course, there's also the facts that we're not ready to rely on Jdk regexps, ORO is on its way out, and apparently StringTokenizer is too. so, of the four, i like your "home brew". perhaps the commons-validator or Struts taglib folks would as well, if you offered it to them. i'll give this another day or so, so that other folks have a chance to chime in if they have an opinion. then i'll commit it. veltools 1.2 is getting very close... :) > ValidatorTool javascript generator can generate invalid Javascript > ------------------------------------------------------------------ > > Key: VELTOOLS-52 > URL: http://issues.apache.org/jira/browse/VELTOOLS-52 > Project: VelocityTools > Type: Bug > Components: VelocityStruts > Versions: 1.2 > Environment: Using JDK1.4.2 / Linux 2.4 kernel / Tomcat 4.1 > Reporter: Christopher Schultz > Assignee: Nathan Bubna > Fix For: 1.2 > Attachments: ValidatorTool.diff > > ValidatorTool can create invalid javascript in a few situations. > Here is an example of such a situation and also an example of the invalid > javascript it generates. > Suppose you have the following dynamic action form validation rules defined > (this is actually text field which is intended to be used as an "other" input > when a drop-down has the value of "Other"). > <pre> > <field property="selectOther" > depends="validwhen,maxlength" > page="1"> > <arg0 key="prompt.selectOther"/> > <arg1 name="maxlength" key="${var:maxlength}" resource="false" /> > <var><var-name>maxlength</var-name><var-value>255</var-value></var> > <var> > <var-name>test</var-name> > <var-value> > (((select == "Other") and (*this* != null)) or > (select != "Other")) > </var-value> > </var> > </field> > </pre> > When ValidatorTool generates Javascript for this, you get the following: > <pre> > . > . > . > this.a3 = new Array("orgTypeOther", "The field Organization Type cannot > be greater than 255 characters.", new Function ("varName", > "this.maxlength='255'; this.test='(((orgType == "Other") and (*this* != > null)) or > (orgType != "Other"))'; return this[varName];")); > . > . > . > </pre> > Note that there is a newline in the string literal (invalid) and that the > double-quotes used in my "validwhen" rule have not been escaped, which > prematurely ends the double-quoted string starting with > <code>"this.maxlength</code>, which really confuses the Javascript > interpreter. > It turns out that switching from double-quotes to single-quotes doesn't help, > since there are also single-quoted strings within that double-quoted string, > so basically it won't work no matter what you do (since backslash-escaping > the quotes will cause the validwhen test itself to become invalid. > I see two solutions: properly escape the variable values being dumped into > Javascript, or avoid adding the "test" variable to the Javascript, since it > will be ignored, anyway. > I propose fixing the escaping, since there may be other validator "var" > values with this same problem. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
