Uploaded image for project: 'Struts 2'
  1. Struts 2
  2. WW-5178

Freemarker Template Error when migrating Struts2-Core from 2.5.29 to 2.5.30

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.5.30
    • 6.0.0
    • Core
    • None

    Description

      Originally, we were attempting to migrate our Struts2-Core from version 2.5.26 to 2.5.30 to bring in the security improvements to OGNL double eval. It was after this that we noticed a strange Freemarker error appearing that did not previously. After doing some checks, we've isolated the exact version that breaks for us. Struts 2.5.29 is working, but with the migration to 2.5.30 we get the following error appearing for the checkbox.ftl template file: 

      ERROR - 2022-04-20 13:28:32,366 [qtp1459672753-1897  ] freemarker.runtime - Error executing FreeMarker template
      FreeMarker template error:
      For "&&" right-hand operand: Expected a boolean, but this has evaluated to a string+extended_hash (String wrapped into f.e.b.StringModel):
      ==> parameters.nameValue  [in template "template/simple/checkbox.ftl" at line 22, column 32]
      
      ----
      FTL stack trace ("~" means nesting-related):
              - Failed at: #if parameters.nameValue?? && paramet...  [in template "template/simple/checkbox.ftl" at line 22, column 1]
      ----
      
      Java stack trace (for programmers):
      ----
      freemarker.core.NonBooleanException: [... Exception message was already printed; see it above ...]
              at freemarker.core.Expression.modelToBoolean(Expression.java:179)
              at freemarker.core.Expression.evalToBoolean(Expression.java:162)
              at freemarker.core.Expression.evalToBoolean(Expression.java:147)
              at freemarker.core.AndExpression.evalToBoolean(AndExpression.java:36)
              at freemarker.core.ConditionalBlock.accept(ConditionalBlock.java:48)
              at freemarker.core.Environment.visit(Environment.java:330)
              at freemarker.core.Environment.visit(Environment.java:336)
              at freemarker.core.Environment.process(Environment.java:309)
              at freemarker.template.Template.process(Template.java:384)
              at org.apache.struts2.components.template.FreemarkerTemplateEngine.renderTemplate(FreemarkerTemplateEngine.java:154)
              at org.apache.struts2.components.UIBean.mergeTemplate(UIBean.java:580)
              at org.apache.struts2.components.UIBean.end(UIBean.java:539)
              at org.apache.struts2.views.jsp.ComponentTagSupport.doEndTag(ComponentTagSupport.java:39)
              at org.apache.jsp.setup.services.service_005fparameter_jsp._jspx_meth_s_005fcheckbox_005f4(service_005fparameter_jsp.java:5843)
              at org.apache.jsp.setup.services.service_005fparameter_jsp._jspx_meth_s_005fif_005f20(service_005fparameter_jsp.java:5784)
              at org.apache.jsp.setup.services.service_005fparameter_jsp._jspx_meth_s_005felse_005f4(service_005fparameter_jsp.java:5737)
              at org.apache.jsp.setup.services.service_005fparameter_jsp._jspx_meth_s_005fif_005f18(service_005fparameter_jsp.java:5598)
              at org.apache.jsp.setup.services.service_005fparameter_jsp._jspx_meth_s_005fif_005f3(service_005fparameter_jsp.java:1115)
              at org.apache.jsp.setup.services.service_005fparameter_jsp._jspx_meth_s_005fiterator_005f0(service_005fparameter_jsp.java:930)
              at org.apache.jsp.setup.services.service_005fparameter_jsp._jspService(service_005fparameter_jsp.java:235)
              at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
              at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
              at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:465)
              at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:383)
              at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:331)
              at org.eclipse.jetty.jsp.JettyJspServlet.service(JettyJspServlet.java:106)
              at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
              at org.eclipse.jetty.servlet.ServletHolder$NotAsync.service(ServletHolder.java:1459)
              at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799)
              at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1631)
              at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)
              at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
              at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:618)
              at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
              at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)
              at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)

      The error seems trivial, but why is an upgrade between 2.5.29 and 2.5.30 causing this to appear for internal Struts2 template files? We noted that more fixes for double eval were included in this release, but don't see why that would be causing this error to appear. The error is easily reproducible for us by switching back and forth between 2.5.29 and 2.5.30.

      After looking through some recent Struts fixes, we noticed the description of this Jira Item (WW-5163) which has an error very similar to the one we are getting now.

       

      Attachments

        Activity

          People

            yasserzamani Yasser Zamani
            NathanHertner Nathan Hertner
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: