Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-97879

Using the foreach directive with a context item that is blocked by the Introspector in a Velocity template will throw an unhandled exception

      Issue Summary

      The Velocity HtmlSafe library is interfering with the regular null handling within Velocity foreach directives, leading to undesirable behaviour.

      Steps to Reproduce

      Following some recent changes, it is difficult to reproduce this in a production instance as it is an edge case. Feel free to refer to CONFSERVER-96642 for reproduction steps specific to 8.9.4.

      #foreach($iter in $blockedContextItem.getValues(true))
        $iter
      #end

      Expected Results

      The null value should be handled with more grace. A complete stack trace need not be logged. The Velocity HtmlSafe library specifically, should not be throwing any exception and know to ignore null collections.

      Actual Results

      Following exception is thrown and logged each time the template is rendered:

      java.lang.NullPointerException
          at com.atlassian.velocity.htmlsafe.introspection.ReturnValueAnnotator.getAnnotationsForMethod(ReturnValueAnnotator.java:34)
          at com.atlassian.velocity.htmlsafe.introspection.AnnotationBoxingUberspect.getMethodAnnotations(AnnotationBoxingUberspect.java:341)
          at com.atlassian.velocity.htmlsafe.introspection.HtmlSafeAnnotationBoxingUberspect.getMethodAnnotations(HtmlSafeAnnotationBoxingUberspect.java:28)
          at com.atlassian.confluence.velocity.introspection.ConfluenceAnnotationBoxingUberspect.getMethodAnnotations(ConfluenceAnnotationBoxingUberspect.java:24)
          at com.atlassian.velocity.htmlsafe.introspection.AnnotationBoxingUberspect.getMethod(AnnotationBoxingUberspect.java:131)
          at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:192)
          at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:262)
          at org.apache.velocity.runtime.parser.node.ASTReference.value(ASTReference.java:507)
          at org.apache.velocity.runtime.parser.node.ASTExpression.value(ASTExpression.java:71)
          at org.apache.velocity.runtime.parser.node.ASTSetDirective.render(ASTSetDirective.java:142)
          at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72)
          at org.apache.velocity.runtime.directive.Foreach.performIteration(Foreach.java:393)
          at org.apache.velocity.runtime.directive.Foreach.render(Foreach.java:316)
          at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:175)
          at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:336)
          at org.apache.velocity.runtime.RuntimeInstance.render(RuntimeInstance.java:1276)
          at org.apache.velocity.runtime.RuntimeInstance.evaluate(RuntimeInstance.java:1215)
          at org.apache.velocity.runtime.RuntimeInstance.evaluate(RuntimeInstance.java:1164)
          at org.apache.velocity.app.VelocityEngine.evaluate(VelocityEngine.java:219) 

      Workaround

      Within Velocity templates, do a null check prior to invoking a foreach directive.

            [CONFSERVER-97879] Using the foreach directive with a context item that is blocked by the Introspector in a Velocity template will throw an unhandled exception

            A fix for this issue is available in Confluence Server and Data Center 9.3.1. Upgrade now or check out the Release Notes to see what other issues are resolved.

            Akshay Kumar added a comment - A fix for this issue is available in Confluence Server and Data Center 9.3.1. Upgrade now or check out the Release Notes to see what other issues are resolved.

              854eef6f5746 Kusal Kithul-Godage
              854eef6f5746 Kusal Kithul-Godage
              Affected customers:
              1 This affects my team
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: