Better fix https://issues.apache.org/bugzilla/show_bug.cgi?id=43617

Correctly handle quotes in attribute values for tag(x) files.

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@651729 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/java/org/apache/jasper/compiler/Generator.java b/java/org/apache/jasper/compiler/Generator.java
index 4f0a4f8..5c6ab68 100644 (file)
--- a/java/org/apache/jasper/compiler/Generator.java
+++ b/java/org/apache/jasper/compiler/Generator.java
@@ -1751,14 +1751,9 @@ class Generator {
                 out.print(" ");
                 out.print(attrs.getQName(i));
                 out.print("=");
-                String quote = DOUBLE_QUOTE;
-                String value = attrs.getValue(i);
-                if (value.indexOf('"') != -1) {
-                    quote = SINGLE_QUOTE;
-                }
-                out.print(quote);
-                out.print(value);
-                out.print(quote);
+                out.print(DOUBLE_QUOTE);
+                out.print(attrs.getValue(i).replace("\"", """));
+                out.print(DOUBLE_QUOTE);
             }
 
             attrs = n.getAttributes();
@@ -1773,14 +1768,9 @@ class Generator {
                     out.print(attributeValue(jspAttrs[i], false, String.class));
                     out.print(" + \"\\\"");
                 } else {
-                    String quote = DOUBLE_QUOTE;
-                    String value = attrs.getValue(i);
-                    if (value.indexOf('"') != -1) {
-                        quote = SINGLE_QUOTE;
-                    }
-                    out.print(quote);
-                    out.print(value);
-                    out.print(quote);
+                    out.print(DOUBLE_QUOTE);
+                    out.print(attrs.getValue(i).replace("\"", """));
+                    out.print(DOUBLE_QUOTE);
                 }
             }