powered by Jive Software

Webchat bug with username and quotes

I find a strange bug in webchat module.

I setup openfire 3.6.0 and webchat 4.0.0 (all latest versions). In Form UI username field has a “Populate with user’s previous choice.” option selected. Web authentication option enabled too.

So, when a user login via web form a first time - all OK. But, when user visit login page again - he has a filled username filed. But this username in quotes! Of course, user can’t login, because username incorrect. In next login try user got username with two quotes before and after text, etc.

I looked into source of HTML page and see code like this:

<td class="formtext" height="1%" width="1%" nowrap>Name:&nbsp;<span class="error">*</span></td><td><input type="text" name="username" value=&quot;jeff&quot; style="width:75%"></td>

The Value field of input tag is incorrect formatted - not quotes, but html quot sign inserted.

Is there any ideas?

Nobody halp me

OK, will do that myself

There is a bug in the FormUtils.createAnswer function. I so lazy for make a patch , so just look here:

  1. get svn source

  2. goto webchat/src/java/org/jivesoftware/webchat/util directory and open for edition FormUtils.java file

  3. look for string:

public static String createAnswers

It is a declaration of FormUtils.createAnswer function. Look for strings (in few strings down):

if(ModelUtil.hasLength(cookieValue)){
            insertValue = "value=\""+cookieValue+"\"";^ } builder.append("<input type=\"text\" name=\"" + formField.getVariable() + "\" "+StringUtils.escapeHTMLTags(insertValue)+" style=\"width:75%\">");

and replace by this code:

if(ModelUtil.hasLength(cookieValue)){
            insertValue = "value=\""+StringUtils.escapeHTMLTags(cookieValue)+"\"";
}
builder.append("<input type=\"text\" name=\"" + formField.getVariable() + "\" "+insertValue+" style=\"width:75%\">");
  1. Rebuild plugin.

Voila!

Plugin, rebuilded for openfire 3.6.0, is attached here.
webchat.war (2232134 Bytes)

Hi,

I have submitted your patch suggestion to Jira.

http://www.igniterealtime.org/issues/browse/JM-1475

daryl

Hi,

This issue is now OF-101, is it still needed?

daryl