Bug 1312318

Summary: [GSS](6.4.z) After upgrading to EAP 6.4.6 some of the attributes are not resolved by x:transform
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Harshada <harshada>
Component: WebAssignee: Panagiotis Sotiropoulos <psotirop>
Status: CLOSED CURRENTRELEASE QA Contact: Radim Hatlapatka <rhatlapa>
Severity: high Docs Contact:
Priority: high    
Version: 6.4.6CC: bmaxwell, cdolphy, heiner.tittelbach, jshepherd, jtruhlar, mcada, msochure, psotirop, rmaucher, rmody, rnetuka, rwagner, vtunka
Target Milestone: CR1Keywords: Reopened
Target Release: EAP 6.4.9   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-04-11 01:25:29 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1198606, 1241799    
Bug Blocks: 1324262, 1331903    
Attachments:
Description Flags
Reproducer - binary
none
Reproducer - source none

Description Harshada 2016-02-26 12:18:57 UTC 
Created attachment 1130827 [details]
Reproducer - binary

Description of problem:
After upgrading to EAP 6.4.6, some of the attributes are not resolved by x:transform

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Deploy the reproducer in EAP 6.4.5 or any version prior to EAP 6.4.6
2. Hit the link  http://localhost:8080/XslWebApp/styleError_test.jsp. Result will be Books Info: table with border/style 
3.Deploy the reproducer to EAP 6.4.6.
4. Hit the link  http://localhost:8080/XslWebApp/styleError_test.jsp. You get a exception stating that 

Actual results:

Getting the following exception :
-----------------------------------------------------------------
17:41:32,457 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/XslWebApp].[jsp]] (http-/127.0.0.1:8080-1) JBWEB000236: Servlet.service() for servlet jsp threw exception: javax.xml.transform.TransformerException: "border" attribute is not allowed on the table element!
	at org.apache.xalan.processor.StylesheetHandler.error(StylesheetHandler.java:907)
	at org.apache.xalan.processor.StylesheetHandler.error(StylesheetHandler.java:950)
	at org.apache.xalan.processor.XSLTElementProcessor.setPropertiesFromAttributes(XSLTElementProcessor.java:348)
	at org.apache.xalan.processor.XSLTElementProcessor.setPropertiesFromAttributes(XSLTElementProcessor.java:268)
	at org.apache.xalan.processor.ProcessorLRE.startElement(ProcessorLRE.java:283)
	at org.apache.xalan.processor.StylesheetHandler.startElement(StylesheetHandler.java:626)
	at org.apache.xerces.parsers.AbstractSAXParser.startElement(AbstractSAXParser.java:496)
	at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:283)
	at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(XMLDocumentFragmentScannerImpl.java:1653)
	at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:324)
	at org.apache.xerces.parsers.XML11Configuration.parse(XML11Configuration.java:845)
	at org.apache.xerces.parsers.XML11Configuration.parse(XML11Configuration.java:768)
	at org.apache.xerces.parsers.XMLParser.parse(XMLParser.java:108)
	at org.apache.xerces.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1196)
	at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:555)
	at org.apache.xalan.processor.TransformerFactoryImpl.newTemplates(TransformerFactoryImpl.java:926)
	at org.apache.xalan.processor.TransformerFactoryImpl.newTransformer(TransformerFactoryImpl.java:780)
	at __redirected.__TransformerFactory.newTransformer(__TransformerFactory.java:132) [jboss-modules.jar:1.3.7.Final-redhat-1]
	at org.apache.taglibs.standard.util.XmlUtil.newTransformer(XmlUtil.java:195) [jboss-jstl-api_1.2_spec-1.0.9.Final-redhat-1.jar:1.0.9.Final-redhat-1]
	at org.apache.taglibs.standard.tag.common.xml.TransformSupport.doStartTag(TransformSupport.java:124) [jboss-jstl-api_1.2_spec-1.0.9.Final-redhat-1.jar:1.0.9.Final-redhat-1]
	at org.apache.jsp.styleError_005ftest_jsp._jspx_meth_x_005ftransform_005f0(styleError_005ftest_jsp.java:187)
	at org.apache.jsp.styleError_005ftest_jsp._jspService(styleError_005ftest_jsp.java:81)
	at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:69) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-2.jar:1.0.2.Final-redhat-2]
	at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:365) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]
	at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:309) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]
	at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:242) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-2.jar:1.0.2.Final-redhat-2]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]
	at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.5.6.Final-redhat-2.jar:7.5.6.Final-redhat-2]
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:150) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:854) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]
	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]
	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]
	at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_45]


----------------------------------------------------------------------------


Expected results:
This attribute should be working in EAP 6.4.6 as well.


Additional info: This is not just with the "border" attribute, a customer has faced this issue for some other attributes as well, Below is an example :

1. 13:20:55,882 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/fiola].[action]] (http-/0.0.0.0:8080-3) JBWEB000236: Servlet.service() for servlet action threw exception: javax.xml.transform.TransformerException: Das Attribut "rel" ist im Element link nicht zulässig!
Comment 1 Harshada 2016-02-26 12:20:21 UTC 
Created attachment 1130829 [details]
Reproducer - source
Comment 12 Mike McCune 2016-03-28 23:23:30 UTC 
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune with any questions
Comment 15 Brad Maxwell 2016-04-11 01:25:29 UTC 
Closing as this issue is caused by a security precaution, to disable the secure xml processing set this system property:

-Dorg.apache.taglibs.secureXmlProcessing=false
Comment 29 Michael Cada 2016-06-27 14:39:09 UTC 
Verified with EAP 6.4.9.CP.CR2
Comment 30 JBoss JIRA Server 2016-07-15 03:03:26 UTC 
Chao Wang <chaowan> updated the status of jira JBEAP-4913 to Resolved
Comment 31 Petr Penicka 2017-01-17 12:58:13 UTC 
Retroactively bulk-closing issues from released EAP 6.4 cummulative patches.
Comment 32 Petr Penicka 2017-01-17 12:58:31 UTC 
Retroactively bulk-closing issues from released EAP 6.4 cummulative patches.