Closed
Bug 15204
Opened 25 years ago
Closed 24 years ago
hidden inputs strip line feeds from value attribute
Categories
(Core :: Layout: Form Controls, defect, P3)
Core
Layout: Form Controls
Tracking
()
VERIFIED
FIXED
M18
People
(Reporter: mcafee, Assigned: rickg)
References
Details
(Keywords: regression, Whiteboard: [nsbeta3+][dogfood-][fixinhand])
Attachments
(4 files)
Using apprunner to change the tinderbox message of the day
blurb inserts weird HTML'isms that mess up the message.
Working on a test case.
Updated•25 years ago
|
Status: NEW → ASSIGNED
Target Milestone: M12
Comment 1•25 years ago
|
||
Accepting bug and will work on along with all the other output bugs for M12.
This is a case where the user types html source into a plaintext widget, submits
it through a form as plaintext (expecting it to look like what he typed), then
the cgi on the other end of the form displays it as html.
We do need a test case; the easiest way might be a javascript page that does
document.write of whatever it reads in from the text area.
Reporter | ||
Comment 2•25 years ago
|
||
Reporter | ||
Comment 3•25 years ago
|
||
Compare the text area contents on 4.5 & apprunner.
Document.write is echoing content below the textarea,
this isn't working on apprunner, but this is just extra stuff,
text area content is enough to show the bug.
Comment 4•25 years ago
|
||
Changing Component to Output.
Updated•25 years ago
|
Summary: Text areas don't post data properly → [DOGFOOD] Text areas don't post data properly
Comment 5•25 years ago
|
||
This is a dogfood candidate since it blocks mcafee's ability to use mozilla for
being sherriff.
Updated•25 years ago
|
Assignee: akkana → pollmann
Status: ASSIGNED → NEW
Comment 6•25 years ago
|
||
Originally, the problem was the improper handling of entities, particularly <
and >. But this has been fixed, and the plaintext output of the text in the
text field is correct (modulo whitespace) now. I'm guessing now that this is
due to other problems with html form controls.
Reporter | ||
Comment 7•25 years ago
|
||
Agreed, I need this for sheriff, that's dogfood for me
and the other sheriffs.
Comment 8•25 years ago
|
||
On second thought, this may not be a form submission bug; this may be a parser
bug.
Try running
viewer "http://bugzilla.mozilla.org/showattachment.cgi?attach_id=1935"
and do a Dump Content. Look at what it thinks the content of the text field is,
and compare that to what 4.6's View Source gives you. They're quite different.
Cc'ing Harish and Rick; maybe they can shed some light on this.
Comment 10•25 years ago
|
||
The wierdism in the textarea ( such as extra semicolons ) does look like a
parser problem. Investigating the problem. Assigning bug to myself and CCing
pollmann.
Updated•25 years ago
|
Component: Output → HTML Form Controls
OS: Solaris → All
Hardware: Sun → All
Comment 11•25 years ago
|
||
In addition to the extra semi's, fetching the textarea's value on
nsGfxTextControlFrame is returning an empty string. This is why nothing is
document.written. I'll take a look...
Comment 12•25 years ago
|
||
Got a fix for the content part of this bug - a one line change to
nsGfxTextControlFrame::GetTextControlState
Index: nsGfxTextControlFrame.cpp
===================================================================
RCS file: /cvsroot/mozilla/layout/html/forms/src/nsGfxTextControlFrame.cpp,v
retrieving revision 3.87
diff -r3.87 nsGfxTextControlFrame.cpp
814c814
< nsFormControlHelper::GetInputElementValue(mContent, &aValue, PR_TRUE);
---
> GetText(&aValue, PR_TRUE);
I'll check this in for M12.
Comment 13•25 years ago
|
||
Might take a day or two ( atmost ) to fix this bug.
Comment 14•25 years ago
|
||
Checked in the fix I mentioned above.
Assignee | ||
Comment 15•25 years ago
|
||
Eric -- giving this back to you, per a discussion with harishd. Please enter a
date into this bug when you think this will be fixed.
Updated•25 years ago
|
Status: NEW → ASSIGNED
Comment 16•25 years ago
|
||
This currently works for me on Linux. Testing on NT as soon as my build
finishes.
Estimate to have this working: tonight.
Comment 17•25 years ago
|
||
Harish, is the parser portion of this fix checked in?
Updated•25 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 25 years ago
Resolution: --- → FIXED
Comment 18•25 years ago
|
||
My NT build finished - the fix I checked in earlier also works on NT.
Comment 19•25 years ago
|
||
works fine. verified with dec 14th's commercial build.
Reporter | ||
Comment 20•25 years ago
|
||
Reopening, this is happening again.
Status: VERIFIED → REOPENED
Resolution: FIXED → ---
Reporter | ||
Comment 21•25 years ago
|
||
This broke before 3/3, still looking.
Reporter | ||
Comment 22•25 years ago
|
||
verified with akkana that test case shows that yeah, this isn't working right.
Comment 25•25 years ago
|
||
Has not been reviewed by PDT+ team yet this time around, removing PDT+. Also,
can you please provide a simple test case. There were two issues fixed with
this bug report, which one is broken again?
Whiteboard: [PDT+]
Comment 26•25 years ago
|
||
Just click on the attachment to see a test case. Then do it in 4.x and see the
difference.
Comment 27•25 years ago
|
||
Putting on PDT+ radar for beta1. But please fix by 03/10.
Keywords: dogfood
Summary: [DOGFOOD] Text areas don't post data properly → Text areas don't post data properly
Whiteboard: [PDT+]w/b minus on 03/10
Reporter | ||
Comment 28•25 years ago
|
||
2/23 build test case fails on linux, so it regressed before then.?
Comment 29•25 years ago
|
||
Reduced test case:
<HTML>
<BODY>
<TEXTAREA NAME="txt">
<B>Go home</B>
</TEXTAREA>
</BODY>
</HTML>
B doesn't show up in textarea. CC'ing buster and rods.
Status: REOPENED → ASSIGNED
Comment 30•25 years ago
|
||
Passing off to Harish, looks like he has a good start on this.
Assignee: pollmann → harishd
Status: ASSIGNED → NEW
Comment 31•25 years ago
|
||
Have a fix..need to do some testing though.
Whiteboard: [PDT+]w/b minus on 03/10 → [PDT+]w/b minus on 03/10 (~ landing 03/09 )
Reporter | ||
Comment 32•25 years ago
|
||
can you attach a patch for testing?
Comment 33•25 years ago
|
||
Comment 34•25 years ago
|
||
Html Tokens used to contain the name of the tag.
But for the sake of performance we now rely on the tagID
rather than tag name. This caused the bug to reincarnate.
FIXED this problem by including the tag name when recording trailing content (
used only for TEXTAREA).
Status: NEW → RESOLVED
Closed: 25 years ago → 25 years ago
Resolution: --- → FIXED
Comment 35•25 years ago
|
||
*** Bug 31155 has been marked as a duplicate of this bug. ***
Whiteboard: [PDT+]w/b minus on 03/10 (~ landing 03/09 ) → [PDT+]w/b minus on 03/10 (~ landing 03/09 ) - Need build later than 3/9 to verify
Comment 36•25 years ago
|
||
Verified on 2000-03-13-18-M15-nb1b build on Win95 and Linux, and
2000-03-13-17-M15-nb1b build on MacOS.
Status: RESOLVED → VERIFIED
Whiteboard: [PDT+]w/b minus on 03/10 (~ landing 03/09 ) - Need build later than 3/9 to verify → [PDT+]w/b minus on 03/10 (~ landing 03/09 )
Reporter | ||
Comment 37•25 years ago
|
||
it's baaaaaaaaack.
Just wiped out tinderbox status using mozilla to admin
tinderbox page. Clearing status, starting over. again.
Reporter | ||
Comment 38•25 years ago
|
||
note: this was on trunk, with linux.
I may have mistyped tinderbox password, sending me to
the page to reask password. Content lost all carriage returns,
and was truncated, about 1/2 of the HTML disappeared.
I resubmitted a skeleton html replacement and that seemed to work.
Any ideas? Something's amiss in cache/submit land.
Comment 40•25 years ago
|
||
See bug 38057. I have a fix for the truncation part of this bug, but not for
the loss of carriage returns. The fix is to tbglobals.pl, which is part of the
tinderbox cgi - it is escaping quotes wrongly, and also messes up in Nav or IE.
Assignee: harishd → pollmann
Status: REOPENED → NEW
Comment 41•25 years ago
|
||
*** Bug 38057 has been marked as a duplicate of this bug. ***
Comment 42•25 years ago
|
||
Comment 43•25 years ago
|
||
Tested on:
MacOS9 2000-08-02-04-M17 Commercial build
LinRH6 2000-08-02-04-M17 Commercial build
Win98 2000-08-02-05-M17 Commercial build
And the bug exists for all three platforms.
Comment 44•25 years ago
|
||
Additional info:
The original bug was that html source was getting it's CR's stripped and
replaced by garbage/misc. characters. Today, the CR's aren't stripped out, but
closing angle brackets ( '>' ) are being replaced by semicolon's. Chris, if I
left anything out, please update/correct/etc.
Comment 45•25 years ago
|
||
The truncation problem with tinderbox's message has been fixed. Steve was kind
enough to both check in the patch and update mozilla.org's copy of tinderbox -
thanks Steve! :)
Comment 46•25 years ago
|
||
Where was the patch checked in. Trunk? Branch? Trunk and Branch?
Reporter | ||
Comment 47•25 years ago
|
||
leger: patch to tinderbox server, not part of build.
This bug still open for carriage return lossage (and other
scrambling problems..)
Comment 48•25 years ago
|
||
Should this be downgraded from dogfood+?
Reporter | ||
Comment 49•25 years ago
|
||
I agree, and vote for dogfood-
Comment 50•25 years ago
|
||
ETA (if still +) 08-Aug-2000
Status: NEW → ASSIGNED
Whiteboard: [dogfood+]FOR THE TRUNK → [dogfood+]FOR THE TRUNK 08-Aug-2000
Comment 51•25 years ago
|
||
The linefeeds are being stripped out of the value attribute of the hidden input
in CAttributeToken::Consume at nsHTMLTokens.cpp:1387
if(!aRetainWhitespace)
mTextValue.StripChars("\r\n"); //per the HTML spec, ignore linefeeds...
aRetainWhitespace will only be true when we are viewing the source of the
document, so I don't know the solution to this one.
Harish, is there a way to specify that we want to preserve linefeeds for a case
like this?
Comment 52•25 years ago
|
||
Revising fix estimate - I'll be away 10-Aug and 11-Aug.
Whiteboard: [dogfood+]FOR THE TRUNK 08-Aug-2000 → [dogfood+]FOR THE TRUNK 15-Aug-2000
Comment 53•25 years ago
|
||
Comment 54•25 years ago
|
||
Line feeds in hidden inputs *should* be stripped (and converted to a single space)
just like the comment says.
INVALID? If we change our behaviour, then it can only be changed for quirks mode.
Comment 55•25 years ago
|
||
See bug 47078, which is directly related to the same line of code. By stripping
out the CR and LF characters we are also violating the spec and breaking some
additional class of sites:
--------(quoting bug 47078:)
This is what HTML4 spec says about the contents of CDATA attributes such as
value, alt, title, href, longdesc...:
# CDATA is a sequence of characters from the document character set and
# may include character entities. User agents should interpret attribute
# values as follows:
# o Replace character entities with characters,
# o Ignore line feeds,
# o Replace each carriage return or tab with a single space.
# User agents may ignore leading and trailing white space in CDATA attribute
# values (e.g., " myval " may be interpreted as "myval").
-- http://www.w3.org/TR/REC-html40/types.html#h-6.2
--------(end quote)
This suggest some code more like:
if(!aRetainWhitespace) {
if (<we have a CDATA attribute>) {
mTextValue.StripChars("\n"); //per the HTML spec, ignore linefeeds...
mTextValue.ReplaceChar("\t"," "); // replace tabs with spaces and...
mTextValue.ReplaceChar("\r"," "); // replace carriage returns with spaces...
} else {
mTextValue.StripChars("\r\n"); //per the HTML spec, ignore linefeeds...
}
}
I tested (a hack of) this patch and it actually kinda makes things worse in
terms of all reported bugs. For example, now the same page served off of a UNIX
server may not preserve a line break (\n stripped) but on an NT server may (\r\n
=> ' ').
It seems like what Nav and IE are doing is preserving all whitespace inside the
attribute (but not leading or trailing whitespace). Is the spec out of line
with industry practice here? Should we do what Nav and IE do? Is that more
like this:
if(!aRetainWhitespace) {
if (! <we have a CDATA attribute>) {
mTextValue.StripChars("\r\n"); //per the HTML spec, ignore linefeeds...
}
}
???
Note that there is already an exception in the spec as to how <style> and
<script> content is handled - it should be passed through without stripping line
breaks, so maybe this isn't to radical of a suggestion...
Comment 56•25 years ago
|
||
Ian, yes, this should only for quirks mode. That would probably include all of
the sites affected by this bug.
Summary: Text areas don't post data properly → hidden inputs strip line feeds from value attribute
Whiteboard: [dogfood+]FOR THE TRUNK 15-Aug-2000 → [dogfood+] 15-Aug-2000
Comment 57•25 years ago
|
||
*** Bug 47078 has been marked as a duplicate of this bug. ***
Comment 58•25 years ago
|
||
15204 was dogfood+ and is virtually the same problem in the same area.
Whiteboard: [dogfood+] 15-Aug-2000 → [dogfood+] [nsbeta3+] 15-Aug-2000
Comment 59•25 years ago
|
||
*** Bug 47535 has been marked as a duplicate of this bug. ***
Comment 60•25 years ago
|
||
Marking this bug 'mostfreq' so that it appears on my radar. Most of the DUPs
have actually been marked INVALID rather than dups of this bug, so it is not
immediately obvious that this is actually a frequently reported bug. But if
you don't believe me, I'm happy to forward you my bugmail...! ;-)
Keywords: mostfreq
Comment 61•25 years ago
|
||
Yes, this is a rather important bug, as I noted when I reported it elsewhere.
There will be many sites that require this, as it is a common case to pass
hidden inputs with carriage returns in them. CGI.pm, in fact, has this
behavior. I will talk to them too.
Comment 62•25 years ago
|
||
*** Bug 48397 has been marked as a duplicate of this bug. ***
Comment 63•25 years ago
|
||
A URL for those who are interested in testing (I don't have permissions to set
that field): http://home.earthlink.net/~johnkeiser/mozbug/hidden-field.html
Comment 64•25 years ago
|
||
Wanted to let people know that CGI.pm has fixed this problem on the server side
in v2.71, which should come out sometime soon. When it does, you can get it at
http://stein.cshl.org/WWW/software/CGI/.
I figured this was relevant because a lot of people use that lib.
Comment 65•25 years ago
|
||
Talking to Eric it sounds like the remaining problem is a parser issue.
Reassign to harishd
Clearing the dogfood+ since it no longer truncates the message. It only looses
carriage returns now.
Also clearing nsbeta3+.
Clearing [Aug 15] date from status as well.
Assignee: pollmann → harishd
Status: ASSIGNED → NEW
Whiteboard: [dogfood+] [nsbeta3+] 15-Aug-2000
Comment 66•25 years ago
|
||
Putting on [dogfood-]...we let eng mgr set nsbeta + or -
Whiteboard: [dogfood-]
Target Milestone: M12 → M18
Comment 67•25 years ago
|
||
Since it's not a dogfood anymore and the risk in fixing, even though the fix
would be simple, this bug would be great I'm inclined to mark this bug FUTURE.
If it's an error please renominate it for beta3. Thanx.
Status: NEW → ASSIGNED
Target Milestone: M18 → Future
Comment 68•25 years ago
|
||
harishd: this is an important bug, affecting many CGI scripts which will start
failing in a hard-to-track way on Netscape 6.0. CGI.pm, the main CGI lib used
by developers up through 2.70 (2.71 is not even out yet) does not escape the
values, and even those using the lib often don't use its facility to print
hidden fields, instead printing them directly. The many bugs that have
appeared on this subject are most likely from many of these developers who are
testing or developing their apps using Mozilla.
One big reason why it affects so much is a common technique among CGI
developers doing "Wizard"-like interfaces. They pass their values around the
app in hidden fields until the user hits "Finish" or something similar. many
such programs have text areas in them.
This bug will be especially prevalent on intranets, where the Web is used for a
lot of data entry.
I think this needs to get into Netscape before final, given that it affects so
much.
Comment 69•25 years ago
|
||
Marking beta3+.
Whiteboard: [dogfood-] → nsbeta3+
Target Milestone: Future → M18
Comment 71•24 years ago
|
||
Harish has the fix in hand and will try to check it in by tomorrow.
Whiteboard: [nsbeta3+][dogfood-] → [nsbeta3+][dogfood-][fixinhand]
Status: ASSIGNED → RESOLVED
Closed: 25 years ago → 24 years ago
Resolution: --- → FIXED
Comment 72•24 years ago
|
||
Not stripping newlines/carriage return anymore. This bug should be fxd.
Marking FIXED.
Comment 73•24 years ago
|
||
Yep, it works for me.
Comment 74•24 years ago
|
||
Looks like the bug has returned. When there is a link in the body of the
text area like:
<A href="http://www.yahoo.com">Yahoo.com</A>
The text area displays:
<A href="http://www.yahoo.com">href="http://www.yahoo.com"Yahoo.com</A>
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment 75•24 years ago
|
||
Could you elaborate a bit? Do you mean if you put something like
<TEXTAREA COLS=40>
<A HREF="http://www.yahoo.com">Yahoo</A>
</TEXTAREA>
then it shows up wrong in the textarea? When I do that it works fine for me
(see http://home.earthlink.net/~johnkeiser/mozbug/textarea-href.html) ...
Also not sure how it relates to this bug. The problem does not appear to have
to do with newlines at all.
Reporter | ||
Comment 76•24 years ago
|
||
this is a dup, rickg please check this fix in, this is
dogfood for people running mozilla.org with .. mozilla.
Reporter | ||
Comment 77•24 years ago
|
||
rickg checked in, I think this is a dup of bug 49278,
someone please verify & mark it so.
Comment 78•24 years ago
|
||
If 49278 is fixed then this should be fixed. Giving bug to rickg to verify if
this bug is fixed.
Assignee: harishd → rickg
Status: REOPENED → NEW
Assignee | ||
Comment 79•24 years ago
|
||
This does appear to be a dup. The both pollmann's attachment and the inline
testcase: <A href="http://www.yahoo.com">Yahoo.com</A> are working now.
Status: NEW → RESOLVED
Closed: 24 years ago → 24 years ago
Resolution: --- → FIXED
Comment 80•24 years ago
|
||
Alright its fixed now. Verifying on
-Windows 98 build 2000-09-26-08-M18
-Linux RedHat6.2 build 2000-09-27-08-M18
Status: RESOLVED → VERIFIED
Comment 81•20 years ago
|
||
*** Bug 256027 has been marked as a duplicate of this bug. ***
You need to log in
before you can comment on or make changes to this bug.
Description
•