[GERONIMO-5384] Geronimo console doesn't seem to handle % in sql statements right. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.1.5, 2.2.1
Fix Version/s: 2.1.7, 2.2.1, 3.0.0
Component/s: None
Security Level: public (Regular issues)
Labels:
None

Description

This bug is seen in Geronimo console under Run Sql on the Database Pools form.
Try to run this query, the problem seems to be independent of datasource:

select * from foo where name like '%a%'

The result is:

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

java.lang.IllegalArgumentException: URLDecoder: Illegal hex characters in escape (%) pattern - For input string: "a%"
java.net.URLDecoder.decode(URLDecoder.java:173)
org.apache.geronimo.console.filter.XSSHandler.isInvalidParam(XSSHandler.java:135)
org.apache.geronimo.console.filter.XSSHandler.isInvalidParameters(XSSHandler.java:80)
org.apache.geronimo.console.filter.XSSXSRFFilter.doFilter(XSSXSRFFilter.java:105)

Attachments

Activity

People

Assignee:: Lei Wang

Reporter:: Knut-Håvard Aksnes

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 20/Jun/10 16:04

Updated:: 02/Nov/10 03:10

Resolved:: 22/Jun/10 01:40