Opened 9 years ago
Closed 9 years ago
#14784 closed defect (fixed)
_FormWidget and MappedTextBox replace ' with " in name attribute
Reported by: | Justin Doherty | Owned by: | bill |
---|---|---|---|
Priority: | undecided | Milestone: | 1.8 |
Component: | Dijit - Form | Version: | 1.7.1 |
Keywords: | Cc: | ||
Blocked By: | Blocking: |
Description (last modified by )
I am using Struts2 2.3.1.2 and Dojo 1.7.1. Struts2 allows population of a Map by setting the name of field to be like: <input ... name="mapName['mapKey']" .../>
Currently in Struts, or more specifically OpenSymphony's xwork library they validate parameter names using the following regex:
"\w+((\.\w+)|(\[\d+\])|(\(\d+\))|(\['\w+'\])|(\('\w+'\)))*"
Here is the documentation for struts on how to access map values: http://struts.apache.org/2.x/docs/type-conversion.html#TypeConversion-RelationshiptoParameterNames
My problem here is that _FormWidget and MappedTextBox both replace ' with " for the nameAttrSetting property thus replacing my single quotes with " making my parameter name no longer pass the above mentioned regex.
The code in both _FormWidget.js and MappedTextBox.js make references to http://www.w3.org/TR/REC-html40/appendix/notes.html#h-B.3.2 however the text in the link does not mention replacing single quote, it talks about replacing double quote with "
I believe the the replacement here is in error and it should be replacing double quote and not single quote.
The lines of code in question are:
/dijit/form/MappedTextBox.js line 79: this.valueNode = domConstruct.place("<input type='hidden'" + (this.name ? " name='" + this.name.replace(/'/g, """) + "'" : "") + "/>", this.textbox, "after"); /dijit/form/_FormWidget.js line 70: this.nameAttrSetting = this.name ? ('name="' + this.name.replace(/'/g, """) + '"') : '';
I tried replacing this.name.replace(/'/g, """) with this.name.replace(/"/g, """) but found some problems with the resulting dom attributes in firebug so my suggestion would be to change them to:
this.name.replace(/"/g, """).replace(/'/g, "'")
Attachments (1)
Change History (5)
comment:1 Changed 9 years ago by
Description: | modified (diff) |
---|---|
Milestone: | tbd → 1.8 |
Status: | new → assigned |
Changed 9 years ago by
Attachment: | 14784.patch added |
---|
comment:2 Changed 9 years ago by
Owner: | changed from Douglas Hays to bill |
---|
comment:3 Changed 9 years ago by
I guess you are right, I'm not sure why I escaped single quotes in those checkins.
patch to only escape double quote