#dominoforever | Product Ideas Portal

 

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Fix Logic Bug in ACFUtil.htmlDecode()

Using Domino V11 (bug also existed since at least 9.0.1 FP7)

 

The following method

com.ibm.trl.acf.impl.util.ACFUtil.htmlDecode(String string)

in the plugin com.ibm.designer.lib.acf

 

has a logic bug which you can reproduce with the following 2 line test

 

        String value = "color: rgb(50, 49, 48); font-family: &quot";
        ACFUtil.htmlDecode(value);

 

 

We have an XPages application in which we view emails that have been received from external.

We are using the ACFFilter to ensure that no malicious content is rendered

 

However we (very occasionally) receive a FacesExceptionEx when some particular content comes through.

When we debug we can trace this to a StringIndexOutOfBoundsException in the htmlDecode method mentioned above

 

It seems that it is doing a test like this:

 

i >= length  || (value.charAt(i + 1) != ';'

 

but this test causes an out of bounds exception when i = 41 and the string length is 42

 

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Feb 17 2020
  • Needs clarification
  • Attach files
  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    20 Feb 11:15pm

    FYI I am still waiting from a response from HCL regarding opening a support account so can

    we please leave this idea here until I can confirm that I have an account and the ability to raise a bug report

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    19 Feb 03:02am

    Sure thing.

    I have submitted a request this morning to get an account with HCL Support

    If I get a response / account then I will post this as a bug report

  • Admin
    Thomas Hampel commented
    18 Feb 09:06am

    Can you please raise a support ticket to handle this bugreport apropriately?