From 01fcdf329b180108c31b1e809fedcf7e98ec34cc Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Thu, 25 Nov 2021 13:15:58 +0100 Subject: fix bug in GUI rendering that apply if messages contains a single quote --- .../idp/auth/services/ProtocolAuthenticationService.java | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java index 49acfadc..ca2c92b1 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java @@ -497,18 +497,25 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer final IGuiBuilderConfiguration config = guiConfigFactory .getDefaultErrorGui(HttpUtils.extractAuthUrlFromRequest(httpReq)); + String[] errorCodeParams = null; if (params == null) { errorCodeParams = new String[] {}; + } else { errorCodeParams = new String[params.length]; for (int i = 0; i < params.length; i++) { if (params[i] != null) { - errorCodeParams[i] = params[i].toString(); + /* replace all single-quotes by two single-quotes for escaping purposes to mitigate + * Thymeleaf error in: + * th:text="${#messages.msgWithParams('__${msg.errorCode}__', '__${msg.errorParams}__')}" + */ + errorCodeParams[i] = params[i].toString().replaceAll("'", "''"); + } else { errorCodeParams[i] = "null"; + } - } } @@ -534,7 +541,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer } catch (final GuiBuildException e) { log.warn("Can not build error-message GUI.", e); - throw new EaafException("9199", null, e); + throw new EaafException("internal.99", new Object[] {e.getMessage()}, e); } -- cgit v1.2.3