In org.apache.jasper.compiler.Validator.checkXmlAttributes(), the validation for deferred values and methods is raising an exception when an rtexprvalue attribute is legitimate. ------Stacktrace------ org.apache.jasper.JasperException: org.apache.jasper.JasperException: /index.jsp(83,0) According to TLD or attribute directive in tag file, attribute items does not accept any expressions org.apache.jasper.servlet.JspServletWrapper.handleJspException (JspServletWrapper.java:565) org.apache.jasper.servlet.JspServletWrapper.service (JspServletWrapper.java:354) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266) javax.servlet.http.HttpServlet.service(HttpServlet.java:803) ------relevant code in checkXmlAttributes()------ if (!deferred && (tldAttrs[j].isDeferredMethod() || tldAttrs [j].isDeferredValue())) { // Only deferred expressions are allowed for this attribute err.jspError(n, "jsp.error.attribute.custom.non_rt_with_expr", tldAttrs[j].getName()); } ------testcase------ <c:forEach var="k" items="${colors}"> <li><font color="${k}">This line is ${k}</font>. </c:forEach> The TLD for JSTL 1.2 says items can be an rtexprvalue and also a deferred- value. So the above usage is correct. Attaching a testcase WAR. ------summary------ I don't think this code is really necessary; at least, it needs to be relaxed to allow tai.canBeRequestTime() values.
Created attachment 19094 [details] Testcase for 40913
Ok, I have adjusted the check.