Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

spring-form JSP tags should escape HTML value based on response character encoding #33023

Closed
wants to merge 1 commit into from
Closed

spring-form JSP tags should escape HTML value based on response character encoding #33023

wants to merge 1 commit into from

Conversation

stonio
Copy link
Contributor

@stonio stonio commented Jun 13, 2024

I notice that spring-form JSP tags always escapes attribute value with character encoding ISO-8859-1 defined in class WebUtils. It is preferable to align with response character encoding (likely UTF-8).

Spring Framework taglib should only use "HTML escape function" based on response character encoding.

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged or decided on label Jun 13, 2024
@snicoll snicoll added the in: web Issues in web modules (web, webmvc, webflux, websocket) label Jun 14, 2024
@poutsma poutsma self-assigned this Jun 19, 2024
@poutsma poutsma added type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged or decided on labels Jun 19, 2024
@poutsma poutsma added this to the 6.2.0-M5 milestone Jun 19, 2024
poutsma referenced this pull request Jun 19, 2024
@poutsma
Encode based on response character encoding
e622555 
Before this commit, characters were always encoded with the default
encoding (i.e. ISO-8859-1). Now, the character encoding of the response
is used.

Closes gh-files
@poutsma
Copy link
Contributor

poutsma commented Jun 19, 2024

Thank you for submitting a PR. I decided to take a simpler approach to solve the issue in e622555, so that we did not have to change ValueFormatter.

@poutsma poutsma closed this Jun 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@poutsma poutsma

Labels
in: web Issues in web modules (web, webmvc, webflux, websocket) type: enhancement A general enhancement
Projects
None yet
Milestone
6.2.0-M5
Development

Successfully merging this pull request may close these issues.
4 participants
@stonio @poutsma @snicoll @spring-projects-issues