Uploaded image for project: 'ActiveMQ'
  1. ActiveMQ
  2. AMQ-4218

JMS selector statement not displayed correctly in subscribers web view if contains XML-prohibited characters

    XMLWordPrintableJSON

    Details

    • Patch Info:
      Patch Available

      Description

      The issue reported affects two similar use cases:

      • XML view of JMS subscribers is rendered with syntax errors if any of the subscribers has a selector containing an XML-prohibited character in its statement, e.g. PROPERTY <> VALUE selector statement contains < and > characters that cause XML syntax errors
      • HTML view of JMS subscribers does not properly display the selector statement if it contains any of the XML-prohibited characters in it, e.g. PROPERTY <> VALUE will be displayed as PROPERTY VALUE - both the < and > characters are stripped out

      The solution is to use the <c:out value=""/> syntax whenever an XML-unescaped string is to be outputted - the c:out has the escapeXml property set to true by default which does the trick.

      I have attached the patch that fixes the XML escaping for JMS selector.

      Please note that I could not find any JMS naming specification to make sure whether the JMS selector is the only field that is allowed to contain XML-prohibited characters. Therefore I would advise the patch reviewer to figure out whether this fix should also be applied to JMS Client ID, Connection ID, Destination Name and Subscription name fields.

        Attachments

        1. AMQ-4218.patch
          2 kB
          Dawid Wróbel

          Activity

            People

            • Assignee:
              tabish Timothy A. Bish
              Reporter:
              wrobelda Dawid Wróbel
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: