Bug 1009079 - Guided rule editor does not escape bad characters
Guided rule editor does not escape bad characters
Product: JBoss BRMS Platform 6
Classification: JBoss
Component: Business Central (Show other bugs)
Unspecified Unspecified
high Severity high
: ER6
: 6.0.0
Assigned To: Toni Rikkola
Zuzana Krejčová
Depends On:
  Show dependency treegraph
Reported: 2013-09-17 11:45 EDT by Zuzana Krejčová
Modified: 2016-07-31 21:08 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2014-08-06 16:19:39 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
corrupted rule (13.52 KB, image/png)
2013-09-17 11:45 EDT, Zuzana Krejčová
no flags Details
corrupted rule - source (8.96 KB, image/png)
2013-09-17 11:45 EDT, Zuzana Krejčová
no flags Details

  None (edit)
Description Zuzana Krejčová 2013-09-17 11:45:06 EDT
Created attachment 798871 [details]
corrupted rule

Description of problem:
Bad characters are not escaped in the guided rule editor: " and \ can seriously corrupt the rule.
Comment 1 Zuzana Krejčová 2013-09-17 11:45:34 EDT
Created attachment 798872 [details]
corrupted rule - source
Comment 5 Zuzana Krejčová 2013-12-09 05:09:08 EST
Not fixed.

First, not allowing users to compare text fields (String attributes) using these characters (", \) is not a good solution. User now cannot type these chars into the input field. Please fix this.
Second, it is possible to do a copy&paste and if you add these character this way, they are still not escaped. Please, fix that as well.
Comment 6 Toni Rikkola 2013-12-12 07:37:50 EST
User can now type anything and we escape the characters for the DRL source.

Link to the original fix. Just a reminder.

New fix:
master https://github.com/droolsjbpm/kie-wb-common/commit/51ba48ba2
6.0.x https://github.com/droolsjbpm/kie-wb-common/commit/38fe77f00

Note You need to log in before you can comment on or make changes to this bug.