-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Medium
-
Affects Version/s: 2.4.2, 2.5
-
Component/s: Reporting
-
Environment:
[clover-setup] Clover Version 2.5.0, built on May 11 2009 (build-755)
[clover-setup] Loaded from: /opt/clover/clover-ant-2.5.0/lib/clover.jar
[clover-setup] Clover: Commercial License registered to PROS Revenue Managment.Linux 2.6.9-78.0.1.ELsmp #1 SMP Tue Jul 22 18:11:48 EDT 2008 i686
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_11-b03)
Java HotSpot(TM) Server VM (build 1.5.0_11-b03, mixed mode)Java(TM) SE Runtime Environment (build 1.6.0_11-b03)
Java HotSpot(TM) Server VM (build 11.0-b16, mixed mode)[clover-setup] Clover Version 2.5.0, built on May 11 2009 (build-755) [clover-setup] Loaded from: /opt/clover/clover-ant-2.5.0/lib/clover.jar [clover-setup] Clover: Commercial License registered to PROS Revenue Managment. Linux 2.6.9-78.0.1.ELsmp #1 SMP Tue Jul 22 18:11:48 EDT 2008 i686 Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_11-b03) Java HotSpot(TM) Server VM (build 1.5.0_11-b03, mixed mode) Java(TM) SE Runtime Environment (build 1.6.0_11-b03) Java HotSpot(TM) Server VM (build 11.0-b16, mixed mode)
The "help" strings for column headers are not properly escaped/encoded for use in embedded HTML/Javascript.
If a column header whose help string causes a parsing error, every page navigation causes an IE script error popup (see attached screenshot), making the Clover report nearly unusable for IE users. Firefox browsers may report the parsing error but will at least continue gracefully.
This issue can be reproduced 100% of the time:
1. Generate an HTML coverage report that includes the column for percent uncovered contribution.
2. Navigate to any source file report page or package coverage summary using Internet Explorer.
3. Activate the help function by clicking "SHOW HELP" (this may or may not be necessary, depending on the browser)
4. An unescaped single-quote character will cause script parsing to fail (see below) with an error dialog (IE) or an error writing to the Error Console window (Firefox).
This issue was first found on Clover 2.4.2 and still occurs using 2.5.0.
Problem HTML:
<span class="headerTitle"><label onkeyup="return 'The amount of code that was not hit during testing as a percentage of the project's total';" >% Uncovered Contribution</label></span>
As reported by the error console in Firefox 3.6a:
Error: uncaught exception: [Exception... "Illegal value" nsresult: "0x80070057 (NS_ERROR_ILLEGAL_VALUE)" location: "JS frame :: file:///c:/documents%20and%20settings/wprice/desktop/forecaster/coverage_report/forecaster/help.js :: visitAllHelpElements :: line 75" data: no]
Error: missing ; before statement
Source File:
Line: 0, Column: 7
Source Code:
return 'The amount of code that was not hit during testing as a percentage of the project's total';
