Uploaded image for project: 'Wicket'
  1. Wicket
  2. WICKET-4505

AbstractTextComponent not escaping html data by default therefore user text is not redisplayed correctly

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.5.5
    • Fix Version/s: 1.5.6, 6.0.0-beta2
    • Component/s: wicket
    • Labels:
      None

      Description

      User input is not escaped in all text fields by default (and the default is not configurable).

      This leads to user entered text not being redisplayed correctly.

      • You can replicate using the project from WICKET-3330.
      • Just enter the text my½companyname and press enter
      • The field will not redisplay the text entered properly

        Attachments

        1. EscapeHtmlChars.zip
          33 kB
          Andrea Del Bene
        2. ASF.LICENSE.NOT.GRANTED--screenshot-1.jpg
          60 kB
          Jean-Philippe Boudreault

          Issue Links

            Activity

              People

              • Assignee:
                svenmeier Sven Meier
                Reporter:
                jpboudreault Jean-Philippe Boudreault
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: