[Mono-dev] [PATCH] System.Web.Compilation/AspTokenizer.cs

Juraj Skripsky js at hotfeet.ch
Mon Jun 19 07:26:25 EDT 2006


Hi Konstantin,

I don't think that just moving it into the !inServerTag case will solve
the problem. I'm trying to achieve identical behaviour with MS.NET for
the following cases:

1) <asp:Literal text="<%# "Test" %>" runat="server" />
2) <asp:Literal text='<%# "Test" %>' runat="server" />
3) <img src="blah.aspx?id=<%# "Test" %>" />

On MS.NET, 1 and 3 compile, 2 results in an parser error.
For server controls, MS.NET does not seem to allow the same quoting
characters to be used inside attribute <%...%>-blocks as the ones used
for the attribute value itself - irregardless of the language used for
the server side code.

Browsers treat inline javascript code the same way:
1) <a href="javascript:alert("hello world")">Click me</a>
2) <a href="javascript:alert('hello world')">Click me</a>

Case 2 works while 1 does not. You are not allow to use "s both inside
and outside of the attribute's value.

As far as my tests go, the patch I've posted achieves compatibility with
MS.NET.

- Juraj



On Mon, 2006-06-19 at 03:51 -0700, Konstantin Triger wrote:
> Hi Juraj,
> 
> You are right, I missed the (!inServerTag) condition above. But I don't think parser/tokenizer should count quotes inside the inline server code (which is regulated by inServerTag flag, to my understanding). This is because parser/tokenizer should be unaware of the language the server side code written with and thus its syntax. If there is an error, the compilation should fail.
> 
> I think the 
> 
> if (quoted && c == quoteChar) {
>    return Token.NOTWELLFORMED;
> }
> 
> Should be moved to the (!inServerTag) condition scope, and this will do the trick.
> 
> Regards,
> Konstantin Triger
> 
> -----Original Message-----
> From: Juraj Skripsky [mailto:js at hotfeet.ch] 
> Sent: Monday, June 19, 2006 11:59 AM
> To: Konstantin Triger
> Cc: mono-devel-list at ximian.com
> Subject: Re: [Mono-dev] [PATCH] System.Web.Compilation/AspTokenizer.cs
> 
> Hi,
> 
> The patch you propose is not quite right:
> 
> ...
>                } else if (!inServerTag) {
> ...
> ...
>                } else if (!inServerTag && quoted && c == quoteChar) {
>                      return Token.NOTWELLFORMED;
>                }
> 
> The case "!inServerTag" is already handled a few lines before, making
> "return Token.NOTWELLFORMED" unreachable.
> 
> But there is a problem with fix 61757. The quoting rules (or rather the
> rules of their nesting) change depending on whether we're inside a
> server control or not.
> 
> We probably need to tokenize all attributes as if we're not inside a
> server control, noting whether the stricter rules were violated or not.
> After reading all attributes we check for the presence of runat="server"
> and throw in the case of violation.
> 
> I'll have a look at it.
> 
> - Juraj
> 
> 
> 
> On Mon, 2006-06-19 at 01:17 -0700, Konstantin Triger wrote:
> > Hello,
> > 
> >  
> > 
> > Following the fix 61757: this code started throwing not well formed:
> > 
> > <img src="Handler.ashx?PhotoID=<%# Eval("PhotoID") %>&Size=M" />
> > 
> >  
> > 
> > This is because Eval(…) contains quotes. The attached patch fixes that
> > by ignoring quotes inside server tag.
> > 
> >  
> > 
> > Please review.
> > 
> >  
> > 
> > Regards,
> > 
> > Konstantin Triger
> > 
> >  
> > 
> > 
> > _______________________________________________
> > Mono-devel-list mailing list
> > Mono-devel-list at lists.ximian.com
> > http://lists.ximian.com/mailman/listinfo/mono-devel-list
> 
> _______________________________________________
> Mono-devel-list mailing list
> Mono-devel-list at lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/mono-devel-list




More information about the Mono-devel-list mailing list