Webchat bug with username and quotes

Olexandr_Pokhvalit · October 13, 2008, 5:27pm

I find a strange bug in webchat module.

I setup openfire 3.6.0 and webchat 4.0.0 (all latest versions). In Form UI username field has a “Populate with user’s previous choice.” option selected. Web authentication option enabled too.

So, when a user login via web form a first time - all OK. But, when user visit login page again - he has a filled username filed. But this username in quotes! Of course, user can’t login, because username incorrect. In next login try user got username with two quotes before and after text, etc.

I looked into source of HTML page and see code like this:

<td class="formtext" height="1%" width="1%" nowrap>Name:&nbsp;<span class="error">*</span></td><td><input type="text" name="username" value=&quot;jeff&quot; style="width:75%"></td>

The Value field of input tag is incorrect formatted - not quotes, but html quot sign inserted.

Is there any ideas?

Olexandr_Pokhvalit · October 14, 2008, 5:04pm

Nobody halp me

OK, will do that myself

There is a bug in the FormUtils.createAnswer function. I so lazy for make a patch , so just look here:

get svn source
goto webchat/src/java/org/jivesoftware/webchat/util directory and open for edition FormUtils.java file
look for string:

public static String createAnswers

It is a declaration of FormUtils.createAnswer function. Look for strings (in few strings down):

if(ModelUtil.hasLength(cookieValue)){
            insertValue = "value=\""+cookieValue+"\"";^ } builder.append("<input type=\"text\" name=\"" + formField.getVariable() + "\" "+StringUtils.escapeHTMLTags(insertValue)+" style=\"width:75%\">");

and replace by this code:

if(ModelUtil.hasLength(cookieValue)){
            insertValue = "value=\""+StringUtils.escapeHTMLTags(cookieValue)+"\"";
}
builder.append("<input type=\"text\" name=\"" + formField.getVariable() + "\" "+insertValue+" style=\"width:75%\">");

Rebuild plugin.

Voila!

Plugin, rebuilded for openfire 3.6.0, is attached here.
webchat.war (2232134 Bytes)

akrherz · October 14, 2008, 5:28pm

Hi,

I have submitted your patch suggestion to Jira.

http://www.igniterealtime.org/issues/browse/JM-1475

daryl

akrherz · February 23, 2013, 1:17pm

Hi,

This issue is now OF-101, is it still needed?

daryl