Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 902812 - Output of JNDI View MBean, invoked through jmx-console has bad html markup
Output of JNDI View MBean, invoked through jmx-console has bad html markup
Status: NEW
Product: JBoss Enterprise SOA Platform 5
Classification: JBoss
Component: Monitoring and Management (Show other bugs)
5.3.1
Unspecified Unspecified
unspecified Severity high
: ER5
: 5.3.1
Assigned To: Default User
Matej Melko
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-01-22 08:09 EST by Jiri Sedlacek
Modified: 2018-03-29 17:50 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
The output of JNDI View MBean, invoked through jmx-console, renders incorrectly. This is because, in the HTML source code, HTMNL tags are encoded with < and >, so they do not displayed properly in browsers.
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
JBoss Issue Tracker JBPAPP-10598 Minor Open Output of JNDI View MBean, invoked through jmx-console has bad html markup 2017-05-09 23:51 EDT

  None (edit)
Description Jiri Sedlacek 2013-01-22 08:09:18 EST 
Description of problem:

The output of JNDI View MBean, invoked through jmx-console looks like the example below:

<h1> Other components with java:comp namespace</h1>
<h2>java:comp namespace of the component jboss.j2ee:jar=jaxws-jbws944.jar,name=FooBean01,service=EJB3 :</h2>
<pre>
  +- EJBContext[link -> java:internal/EJBContext] (class: javax.naming.LinkRef)
  +- TransactionSynchronizationRegistry[link -> java:TransactionSynchronizationRegistry] (class: javax.naming.LinkRef)
  +- UserTransaction (class: org.jboss.ejb3.tx.UserTransactionImpl)
  +- env (class: org.jnp.interfaces.NamingContext)
  +- ORB[link -> java:/JBossCorbaORB] (class: javax.naming.LinkRef)
</pre>
<h1>java: Namespace</h1>
<pre>
  +- BPELDB (class: org.jboss.resource.adapter.jdbc.WrapperDataSource)
  +- securityManagement (class: org.jboss.security.integration.JNDIBasedSecurityManagement)
  +- comp (class: javax.namingMain.Context)
  +- JBossESBDS (class: org.jboss.resource.adapter.jdbc.WrapperDataSource)
  +- XAConnectionFactory (class: org.hornetq.jms.client.HornetQXAConnectionFactory)


In the html source code, html tags are encoded with &lt; and &gt;, so these are not displayed properly in browsers.
Comment 1 Len DiMaggio 2013-01-22 09:39:48 EST 
This is an EAP bug - in EAP 5.2.0.ER6
Comment 2 Len DiMaggio 2013-01-22 10:55:27 EST 
It's not a bug in EAP 5.1.2
Comment 4 JBoss JIRA Server 2013-03-20 17:14:42 EDT 
Chris Sams <csams@redhat.com> made a comment on jira JBPAPP-10598

It looks like this also is an issue elsewhere in jmx-console:

jboss.messaging.destination topic has an mbean operation named:  listAllSubscriptionsAsHTML with the same behavior.
Comment 5 JBoss JIRA Server 2013-07-03 12:10:56 EDT 
Tom Fonteyne <tfonteyn@redhat.com> made a comment on jira JBPAPP-10598

It was introduced due to added security for preventing cross-site scripting.
I'm currently looking at it, but not sure yet if/what can be done.

Slightly related is: https://issues.jboss.org/browse/JBPAPP-10803
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.