Modify

Opened 7 years ago

Closed 7 years ago

#8730 closed defect (fixed)

Don't parse HTML code in key-value OSM

Reported by: Manu1400 Owned by: team
Priority: normal Milestone:
Component: Core Version:
Keywords: template_report exception Cc:

Description

What steps will reproduce the problem?

  1. Create a new calc
  2. Add a node with a key-value where value is <html><body><script>alert("go");</script></body></html>

What is the expected result?
The HTML code don't need to be parsed. Don't parse, because it mask text and it create this exception.

What happens instead?
Exceptions is display. And if i mask exceptions, i have mutch graphic problem (for this calc)

Please provide any additional information below. Attach a screenshot if
possible.

Repository Root: http://josm.openstreetmap.de/svn
Build-Date: 2013-05-08 01:34:29
Last Changed Author: stoecker
Revision: 5939
Repository UUID: 0c6e7542-c601-0410-84e7-c038aed88b3b
URL: http://josm.openstreetmap.de/svn/trunk
Last Changed Date: 2013-05-07 14:05:08 +0200 (Tue, 07 May 2013)
Last Changed Rev: 5939

Identification: JOSM/1.5 (5939 fr) Windows 7 64-Bit
Memory Usage: 247 MB / 247 MB (8 MB allocated, but free)
Java version: 1.7.0_17, Oracle Corporation, Java HotSpot(TM) Client VM
VM arguments: [-Djava.security.policy=file:C:\Program Files (x86)\Java\jre7\lib\security\javaws.policy, -DtrustProxy=true, -Xverify:remote, -Djnlpx.home=C:\Program Files (x86)\Java\jre7\bin, -Djnlpx.origFilenameArg=C:\Users\Emmanuel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\73111055-753249a5, -Djnlpx.remove=false, -Dsun.awt.warmup=true, -Xbootclasspath/a:C:\Program Files (x86)\Java\jre7\lib\javaws.jar;C:\Program Files (x86)\Java\jre7\lib\deploy.jar;C:\Program Files (x86)\Java\jre7\lib\plugin.jar, -Djnlpx.splashport=63854, -Djnlp.application.href=http://josm.openstreetmap.de/download/josm.jnlp, -Djnlpx.jvm=C:\Program Files (x86)\Java\jre7\bin\javaw.exe, -Djnlpx.vmargs=-Djnlp.application.href=http://josm.openstreetmap.de/download/josm.jnlp]
Dataset consistency test: No problems found

Plugin: FastDraw (29532)
Plugin: OpeningHoursEditor (29435)
Plugin: geotools (29435)
Plugin: jts (29435)
Plugin: opendata (29505)
Plugin: reverter (29561)
Plugin: scripting (30300)
Plugin: utilsplugin2 (29435)

java.lang.ClassCastException: org.openstreetmap.josm.gui.dialogs.properties.PropertiesDialog$2 cannot be cast to javax.swing.text.JTextComponent
	at javax.swing.text.html.EditableView.paint(Unknown Source)
	at javax.swing.text.BoxView.paintChild(Unknown Source)
	at javax.swing.text.BoxView.paint(Unknown Source)
	at javax.swing.text.BoxView.paintChild(Unknown Source)
	at javax.swing.text.BoxView.paint(Unknown Source)
	at javax.swing.text.ParagraphView.paint(Unknown Source)
	at javax.swing.text.html.ParagraphView.paint(Unknown Source)
	at javax.swing.text.BoxView.paintChild(Unknown Source)
	at javax.swing.text.BoxView.paint(Unknown Source)
	at javax.swing.text.html.BlockView.paint(Unknown Source)
	at javax.swing.text.BoxView.paintChild(Unknown Source)
	at javax.swing.text.BoxView.paint(Unknown Source)
	at javax.swing.text.html.BlockView.paint(Unknown Source)
	at javax.swing.plaf.basic.BasicHTML$Renderer.paint(Unknown Source)
	at javax.swing.plaf.basic.BasicLabelUI.paint(Unknown Source)
	at javax.swing.plaf.ComponentUI.update(Unknown Source)
	at javax.swing.JComponent.paintComponent(Unknown Source)
	at javax.swing.JComponent.paint(Unknown Source)
	at javax.swing.CellRendererPane.paintComponent(Unknown Source)
	at javax.swing.plaf.basic.BasicTableUI.paintCell(Unknown Source)
	at javax.swing.plaf.basic.BasicTableUI.paintCells(Unknown Source)
	at javax.swing.plaf.basic.BasicTableUI.paint(Unknown Source)
	at javax.swing.plaf.ComponentUI.update(Unknown Source)
	at javax.swing.JComponent.paintComponent(Unknown Source)
	at javax.swing.JComponent.paint(Unknown Source)
	at javax.swing.JComponent.paintToOffscreen(Unknown Source)
	at javax.swing.RepaintManager$PaintManager.paintDoubleBuffered(Unknown Source)
	at javax.swing.RepaintManager$PaintManager.paint(Unknown Source)
	at javax.swing.RepaintManager.paint(Unknown Source)
	at javax.swing.JComponent._paintImmediately(Unknown Source)
	at javax.swing.JComponent.paintImmediately(Unknown Source)
	at javax.swing.RepaintManager$3.run(Unknown Source)
	at javax.swing.RepaintManager$3.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
	at javax.swing.RepaintManager.paintDirtyRegions(Unknown Source)
	at javax.swing.RepaintManager.paintDirtyRegions(Unknown Source)
	at javax.swing.RepaintManager.prePaintDirtyRegions(Unknown Source)
	at javax.swing.RepaintManager.access$1000(Unknown Source)
	at javax.swing.RepaintManager$ProcessingRunnable.run(Unknown Source)
	at java.awt.event.InvocationEvent.dispatch(Unknown Source)
	at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
	at java.awt.EventQueue.access$200(Unknown Source)
	at java.awt.EventQueue$3.run(Unknown Source)
	at java.awt.EventQueue$3.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
	at java.awt.EventQueue.dispatchEvent(Unknown Source)
	at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
	at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
	at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
	at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
	at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
	at java.awt.EventDispatchThread.run(Unknown Source)

Attachments (0)

Change History (1)

comment:1 Changed 7 years ago by Don-vip

Resolution: fixed
Status: newclosed

In 5975/josm:

fix #8730 - Don't interpret HTML code in value JLabel of properties dialog

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain team.
as The resolution will be set.
The resolution will be deleted.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.