Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0040703Openbravo ERPZ. Otherspublic2019-04-04 13:422019-04-30 16:59
Reporteralostale 
Assigned Tononofrancisco 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target Version3.0PR19Q1.1Fixed in Version3.0PR19Q1.1 
Merge Request Status
Review Assigned ToSandrahuguet
OBNetwork customerNo
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0040703: use proper character escape
DescriptionIn the following classes
  src.org.openbravo.erpCommon.ad_reports.GeneralAccountingReports
  src.org.openbravo.erpCommon.ad_reports.ReportGeneralLedger
  src.org.openbravo.erpCommon.ad_reports.ReportGeneralLedgerJournal
  src.org.openbravo.erpCommon.ad_reports.ReportInvoiceCustomerDimensionalAnalysesJR
  src.org.openbravo.erpCommon.ad_reports.ReportMaterialDimensionalAnalysesJR
  src.org.openbravo.erpCommon.ad_reports.ReportSalesDimensionalAnalyzeJR
  src.org.openbravo.erpCommon.ad_reports.ReportShipmentDimensionalAnalyzeJR
  src.org.openbravo.erpCommon.ad_reports.ReportTrialBalance

escape html when directly printing it without xmlengine.
Steps To Reproduce-
Proposed SolutionIe use StringEscapeUtils.escapeHtml
Additional Information
TagsNo tags attached.
Relationships
blocks defect 0040524 closed nonofrancisco use proper character escape 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2019-04-29 13:35nonofranciscoTypedefect => backport
2019-04-29 13:35nonofranciscoTarget Version => 3.0PR19Q1.1
2019-04-30 16:56hgbotCheckin
2019-04-30 16:56hgbotNote Added: 0111396
2019-04-30 16:56hgbotStatusscheduled => resolved
2019-04-30 16:56hgbotResolutionopen => fixed
2019-04-30 16:56hgbotFixed in SCM revision => http://code.openbravo.com/erp/backports/3.0PR19Q1.1/rev/416f9ae5960cc63ed09487ce90fb031b9f4ed0a7 [^]
2019-04-30 16:59SandrahuguetReview Assigned To => Sandrahuguet
2019-04-30 16:59SandrahuguetNote Added: 0111399
2019-04-30 16:59SandrahuguetStatusresolved => closed
2019-04-30 16:59SandrahuguetFixed in Version => 3.0PR19Q1.1

Notes
(0111396)
hgbot   
2019-04-30 16:56   
Repository: erp/backports/3.0PR19Q1.1
Changeset: 416f9ae5960cc63ed09487ce90fb031b9f4ed0a7
Author: Nono Carballo <nonofce <at> gmail.com>
Date: Tue Apr 30 13:04:51 2019 +0200
URL: http://code.openbravo.com/erp/backports/3.0PR19Q1.1/rev/416f9ae5960cc63ed09487ce90fb031b9f4ed0a7 [^]

Fixes issue 40703: Escapes values printed to servlet response

Escapes values before printing them to Servlet response.

---
M src/org/openbravo/erpCommon/ad_reports/GeneralAccountingReports.java
M src/org/openbravo/erpCommon/ad_reports/ReportGeneralLedger.java
M src/org/openbravo/erpCommon/ad_reports/ReportGeneralLedgerJournal.java
M src/org/openbravo/erpCommon/ad_reports/ReportInvoiceCustomerDimensionalAnalysesJR.java
M src/org/openbravo/erpCommon/ad_reports/ReportMaterialDimensionalAnalysesJR.java
M src/org/openbravo/erpCommon/ad_reports/ReportSalesDimensionalAnalyzeJR.java
M src/org/openbravo/erpCommon/ad_reports/ReportShipmentDimensionalAnalyzeJR.java
M src/org/openbravo/erpCommon/ad_reports/ReportTrialBalance.java
---
(0111399)
Sandrahuguet   
2019-04-30 16:59   
Code review + testing OK