Uploaded image for project: 'OFBiz'
  1. OFBiz
  2. OFBIZ-5904

"Value" attribute of hidden form field is overridden by same name value in context

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: Trunk
    • Fix Version/s: Trunk, 12.04.06, 13.07.02
    • Component/s: framework
    • Labels:
      None

      Description

      e.g.

      <field ...>
      <hyperlink target="..." link-type="hidden-form" >
      <parameter param-name="partyId" value="Company" />
      ...
      </hyperlink>
      </field>

      If there's a "partyId" key in context, then, the value set here will be overridden.

      This problem is caused by commit r1392766 :

      for (Map.Entry<String, String> parameter: parameterMap.entrySet()) {
      if (parameter.getValue() != null)

      Unknown macro: { + String key = parameter.getKey(); + writer.append("<input name=""); - writer.append(parameter.getKey()); + writer.append(key); writer.append("" value=""); - writer.append(parameter.getValue()); + + String valueFromContext = context.containsKey(key) ? + context.get(key).toString() }

      }

      In this commit, it got context value in preceding of "value" attribute. It's not reasonable.

      This defect mentioned above was caused by trying fix the problem introduced by commit 1298454:

      • return this.value.expandString(context);
        + try
        Unknown macro: { + return URLEncoder.encode(this.value.expandString(context), Charset.forName("UTF-8").displayName()); + }

        catch (UnsupportedEncodingException e)

        Unknown macro: { + Debug.logError(e, module); + return this.value.expandString(context); + }

      In this commit, it called URLEncoder.encode to encode parameter value no matter where the value would be used. Actually, if use this value as the "value" attribute of html form field, it should be encoded by HtmlEncoder not URLEncoder.

        Activity

        Hide
        utcb Leon added a comment -

        In my patch, use URLEncoder.encode while rendering a link, and use StringUtil.htmlEncoder.encode while rendering a form field.

        Show
        utcb Leon added a comment - In my patch, use URLEncoder.encode while rendering a link, and use StringUtil.htmlEncoder.encode while rendering a form field.
        Hide
        jacques.le.roux Jacques Le Roux added a comment -

        Thanks Leon!

        Your patch is in
        trunk r1644904
        R13.07 r1644905
        R12.04 r1644923

        Show
        jacques.le.roux Jacques Le Roux added a comment - Thanks Leon! Your patch is in trunk r1644904 R13.07 r1644905 R12.04 r1644923

          People

          • Assignee:
            jacques.le.roux Jacques Le Roux
            Reporter:
            utcb Leon
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development