another bug found in WebServiceForm

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

another bug found in WebServiceForm

italavera
Hi, using WebServiceForm.js,

WebserviceForm line 57
 if (httpPayload.method.toLowerCase() == "get") {
      httpPayload.url = this.webServiceForm.action + "?";
      for (var i=0; i<this.webServiceForm.elements.length; ++i) {
        var element = this.webServiceForm.elements[i];
line 61         httpPayload.url += element.name + "=" + element.value + "&";
        this.formElements[element.name] = element.value;
      } 

element.value
is the parameter value element value from a web form, but what happen when this value contains (i.e. whiteSpace tabs ),if those are not escaped would generate
an erronous HTTP URL (http:\\locahost:8080\myApp\param1=Hello World)
and ProxyRedirector Crush getting 505 error from webServer.

So to fix this bug I have modified line 61 with this.

line 61 --> httpPayload.url += element.name + "=" + escape(element.value) + "&";
Done that the ServerURL param passing to ProxyRedirector is http:\\locahost:8080\myApp\param1=Hello%20World
regards
Nacho
PD: I still having problems with FF3 using 1.5rc2 (with Sarrissa.js)


-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Mapbuilder-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/mapbuilder-users
Reply | Threaded
Open this post in threaded view
|

Re: another bug found in WebServiceForm

Cameron Shorter
Thanks for the patch Ignacio.

Could you please raise an issue in JIRA reporting this.
http://jira.codehaus.org/browse/MAP

Does your patch work in:
IE6, IE7, FF2, FF3?

If so, please note in your issue that you have tested for each of the
above and I'll commit your fix into svn.

Ignacio Talavera wrote:

> Hi, using WebServiceForm.js,
>
> *WebserviceForm line 57
> */ if (httpPayload.method.toLowerCase() == "get") {
>       httpPayload.url = this.webServiceForm.action + "?";
>       for (var i=0; i<this.webServiceForm.elements.length; ++i) {
>         var element = this.webServiceForm.elements[i];
> *line 61         httpPayload.url += element.name <http://element.name>
> + "=" + element.value + "&";*
>         this.formElements[element.name <http://element.name>] =
> element.value;
>       }
> /*
> /element.value/ *is the parameter value element value from a web form,
> but what happen when this value contains (i.e. whiteSpace tabs ),if
> those are not escaped would generate
> an erronous HTTP URL (http:\\locahost:8080\myApp\param1=Hello World)
> and ProxyRedirector Crush getting 505 error from webServer.
>
> /So to fix this bug I have modified line 61 with this.
>
> line 61 --> httpPayload.url += element.name <http://element.name> +
> "=" + *escape*(element.value) + "&";
> /Done that the ServerURL param passing to ProxyRedirector is/
> /http:\\locahost:8080\myApp\param1=Hello%20World
> regards
> Nacho
> PD: I still having problems with FF3 using 1.5rc2 (with Sarrissa.js)
>
> ------------------------------------------------------------------------
>
> -------------------------------------------------------------------------
> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
> Build the coolest Linux based applications with Moblin SDK & win great prizes
> Grand prize is a trip for two to an Open Source event anywhere in the world
> http://moblin-contest.org/redirect.php?banner_id=100&url=/
> ------------------------------------------------------------------------
>
> _______________________________________________
> Mapbuilder-users mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/mapbuilder-users
>  


-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Mapbuilder-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/mapbuilder-users