Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Highest
Fix Version/s: 3.6.3
Affects Version/s: None
Component/s: None
Labels:
None

Bug Fix Policy:
View Atlassian Server bug fix policy

Description

HTML is not escaped for the contents of failed macros and bad links.

For normal JIRA usage this means that the Wiki Rendered fields may produce unexpected results for html special characters (<, & etc) in the event of a macro typo or malformed url.

If you enter in the description from ~~JRA-6372~~ (included below) it blows up the viewing of the issue.

It is treating the Velocity stuff as unknown macros.

I've exhausted all efforts thru the user forum. Maybe someone can help me?
I want to include values of custom fields in my email notifiactions. 
I was successful (at first) by using some code from another user:

#foreach ($cfv in ${issue.getRelated("ChildCustomFieldValue")})
#set ($cf = ${cfv.getRelatedOne("ParentCustomField")})
#if (${cfv.getString("stringvalue")})
	<tr><td width=20%><b>${cf.getString("name")}:</b></td><td
width=80%>${cfv.getString("stringvalue")}</td></tr>
#elseif (${cfv.getString("textvalue")})
	<tr><td width=20%><b>${cf.getString("name")}:</b></td><td
width=80%>${cfv.getString("textvalue")}</td></tr>
#elseif (${cfv.getString("numbervalue")})
	<tr><td width=20%><b>${cf.getString("name")}:</b></td><td
width=80%>${cfv.getLong("numbervalue")}</td></tr>
#end
#end

Well, that seemed to work, but then I found that NOT ALL custom fields were
handled by the above code. Specifically, drop down values. However, it didn't
bother me so much that for some custom fields the values displayed as
internal codes. The problem was one project that had a custom field of type
'project picker'. email notifications for that project caused the template to break
with an error:
Invocation of method 'getLong' in class org.ofbiz.core.entity.GenericValue
   threw exception class java.lang.ClassCastException : java.lang.Double
at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:246)
at ... etc. ...
I tried putting in #else code to handle some cases, I tried putting in code I
found from Anton in the user forum:


#elseif ($cf.getLong("fieldtype").intValue() == 1 ||
$cf.getLong("fieldtype").intValue() == 3 ||
$cf.getLong("fieldtype").intValue() == 5)
	<tr><td width=20%><b>${cf.getString("name")} : </b></td><td
width=80%>${cfv.getString("stringvalue")}
#elseif ($cf.getLong("fieldtype").intValue() == 2)
	<tr><td width=20%><b>${cf.getString("name")} : </b></td><td
width=80%>${cfv.getLong("numbervalue")}
#elseif ($cf.getLong("fieldtype").intValue() == 4)
	<tr><td width=20%><b>${cf.getString("name")} : </b></td><td
width=80%>${cfv.getDate("datevalue")}

all to no avail. I really would like to get this working - or at least not broken.
I've looked at the Velocity user's manual and scoured the source code, but
I can't find how to do this. 

As a side note (I can log an issue if you like), I noticed that when viewing
an issue that has been moved between projects, the "Change History" also
shows the internal project ID rather than the project name, so even within
the web interface, it looks like internal ID's still show up sometimes.

Attachments

Issue Links

is duplicated by

JRASERVER-10560 XML tag not escaped in comment

Closed

relates to

JRASERVER-9080 Navigator results crap out on j.a.com

Closed

JRASERVER-6372 showing custom fields in email notifications

Closed

Activity

People

Assignee:: Chris Mountford

Reporter:: Nick Menere [Atlassian] (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 19/Jan/2006 5:03 AM

Updated:: 16/Oct/2018 12:58 AM

Resolved:: 29/Jun/2006 1:15 AM