Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
3.0.1
-
None
Description
The PortletV3Demo has the following try/catch block:
DependencyPortlet.java
try {
resp.addDependency("Invalid", "attempt", "1.1.1", dep);
xmap.put(disp, "No exception");
} catch (Exception e) {
xmap.put(disp, e.toString());
}
The call to e.toString will put the textual message of the exception into the map, which eventually gets rendered inside the portlet:
dependencyDialog.jsp
<h3>Tests for Bad Dependency Strings:</h3> <c:forEach items="${xmap}" var="entry"> <p> String: ${entry.key }<br> Exception: ${entry.value } </p> </c:forEach>
The problem is that the e.toString textual message might contain special HTML characters such as the less-than (<) character (as is the case with Liferay Portal) which needs to be encoded. Otherwise the <script> that follows will not become part of the DOM:
<script> $(document).ready(function(){ $("#<portlet:namespace/>button").click(function(){ var txt = "jQuery version: " + $().jquery; $("#<portlet:namespace/>fadeText").text(txt); $("#<portlet:namespace/>fadeBox").fadeIn(3000); }); }); </script>