Bug 52335 - Tomcat escapes all the \% in Template Text as %.
Summary: Tomcat escapes all the \% in Template Text as %.
Status: RESOLVED FIXED
Alias: None
Product: Tomcat 5
Classification: Unclassified
Component: Jasper (show other bugs)
Version: 5.5.34
Hardware: PC Windows XP
: P2 normal (vote)
Target Milestone: ---
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-12-15 00:35 UTC by zhanglili
Modified: 2011-12-27 07:52 UTC (History)
2 users (show)



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description zhanglili 2011-12-15 00:35:51 UTC
hi,

I noticed that there is a problem at the % escape on Tomcat 5.5.34.

(1)The problem
    The JSP Specification 2.0 says:
    ------
    JSP.1.6 Quoting and Escape Conventions
    → Quoting in Template Text
      ・A literal <% is quoted by <\%
    ------

    But the result of the % escape on Tomcat 5.5.34 is :
    ------
    Not only the \% of <\% is escaped as %.
    All the \% in Template Text is escaped as %.
    ------

    If I want to show \% on the HTML page, it is needed to write \\% in a JSP file.

    The problem  also occurs on Tomcat 5.5.23 or Tomcat7.0.8.
    And it seems that the problem has already occured on Tomcat 5.5.0.

(2)The reason
    The reason of the problem is that the following method is not implemented
    according to JSP Specification.
         ・The class:
                org.apache.jasper.compiler.Parser
         ・The method:
               void parseTemplateText(Node parent)
         ・The part of source:
           ------
           else if (ch == '\\') {
                if (!reader.hasMoreInput()) {
                    ttext.write('\\');
                    break;
                }
                // Look for \% or \$
                // Only recognize \$ if isELIgnored is false
                char next = (char)reader.peekChar();
                if (next == '%' || (next == '$' && !pageInfo.isELIgnored())) { ▲
                    ch = reader.nextChar();
                }
            }
           ------

Is it a bug?
Comment 1 Konstantin Kolinko 2011-12-15 12:26:59 UTC
I agree that this is an issue.

The steps to reproduce, 7.0.23:
1. Create test.jsp containing the following line:
[[[ \% \\% <\% ]]]

2. Actual result:
The page is rendered as [[[ % \% <% ]]]
Expected result: [[[ \% \\% <% ]]] 


I agree that I do not see provisions for escaping single '%' in the JSP Spec.
In JSP.1.3.10.1 EBNF Grammar (in JSP 2.2 Spec) defines template text as
[[[
TemplateText ::= ( ‘<‘ | ‘${‘ | ‘#{‘ )
| ( TemplateChar* -
( TemplateChar* ( ‘<‘ | ‘${‘ | ‘#{‘ ) ) )

TemplateChar ::= ‘\$’
| ‘\#’
| ‘<\%’
| Char
[ vc : QuotedDollarMatched ]
]]]

The ‘<\%’ is explicitly mentioned, but not '\%'.
Comment 2 Mark Thomas 2011-12-15 19:34:14 UTC
Fixed in trunk and 7.0.x and will be included in 7.0.24 onwards.

Proposed for 6.0.x and 5.5.x
Comment 3 Mark Thomas 2011-12-20 20:29:04 UTC
Fixed in 5.5.x and will be included in 5.5.35 onwards.
Comment 4 Konstantin Kolinko 2011-12-27 07:52:40 UTC
Fixed in 6.0 with r1224877 and will be in 6.0.36.