tracker issue : CF-4134759

select a category, or use search below
(searches all categories and all time range)
Title:

cfform input field converts any instance of &le to ?

| View in Tracker

Status/Resolution/Reason: Closed/Fixed/

Reporter/Name(from Bugbase): Dean Nakanishi / Dean Nakanishi (Dean Nakanishi)

Created: 04/01/2016

Components: CFForm

Versions: 11.0

Failure Type: Enhancement Request

Found In Build/Fixed In Build: CF11_Final / CF11 HF 8

Priority/Frequency: Trivial / Unknown

Locale/System: English / Windows 7 32 bit

Vote Count: 1

In any cfinput text tag value, it will auto convert any text that it finds in a cfinput tag where it sees the string: &le and auto convert that to the symbol ?  .   It should definitely not do this!

Here is a very simple example you can run.
Notice that when you run this code in a coldfuion page, it will convert:
   http://www.nl.edu?leadcategory=Website&leadsource=1
to the following (when it really shouldn't!):
   http://www.nl.edu?leadcategory=Website?adsource=1

<html>
<body>
	<cfform>
		<cfinput type="text" name="deantesting" value="http://www.nl.edu?leadcategory=Website&leadsource=1" size="50">
	</cfform>
</body>
</html>

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	4134759

External Customer Info:
External Company:  
External Customer Name: Dean Nakanishi
External Customer Email:  
External Test Config: System Information

Server Details

Server Product 	ColdFusion

Version 	11,0,07,296330

Tomcat Version 	7.0.64.0

Edition 	Enterprise  

Operating System 	Windows Server 2008  

OS Version 	6.0  

Update Level 	D:/ColdFusion11/cfusion/lib/updates/chf11000007.jar  

Adobe Driver Version 	5.1.3 (Build 000094)  

JVM Details

Java Version 	1.8.0_25  

Java Vendor 	Oracle Corporation  

Java Vendor URL 	http://java.oracle.com/

Java Home 	D:\ColdFusion11\jre  

Java File Encoding 	Cp1252  

Java Default Locale 	en_US  

File Separator 	\  

Path Separator 	;  

Line Separator 	Chr(13)

User Name 	websrvs  

User Home 	C:\Users\websrvs  

User Dir 	D:\ColdFusion11\cfusion\bin  

Java VM Specification Version 	1.8  

Java VM Specification Vendor 	Oracle Corporation  

Java VM Specification Name 	Java Virtual Machine Specification  

Java VM Version 	25.25-b02  

Java VM Vendor 	Oracle Corporation  

Java VM Name 	Java HotSpot(TM) Server VM  

Java Specification Version 	1.8  

Java Specification Vendor 	Oracle Corporation  

Java Specification Name 	Java Platform API Specification  

Java Class Version 	52.0

Attachments:

Comments:

Confirmed that this behavior also exists in CF 2016 (Win 2012R2).
Vote by External U.
3175 | April 02, 2016 08:00:28 AM GMT
The cfinput text tag field also seems to convert the following strings: &le = is auto converted to ? &lt = is auto converted to < &gt = is auto converted to ? &ge = is auto converted to > Again, the cfinput text value should NOT auto convert the string values to these special characters when the coldfusion page loads!
Comment by External U.
3171 | April 07, 2016 09:43:10 AM GMT
Correction, this bug probably applies to both 32 bit and 64 bit version of Coldfusion 11 and Coldfusion 2016. Thus this bug is much bigger than originally reported.
Comment by External U.
3172 | April 07, 2016 10:15:02 AM GMT
This bug is fixed and it is available for CF 11 Update 8
Comment by Subir J.
3173 | May 30, 2016 05:22:23 AM GMT
Thank you Subir!
Comment by External U.
3174 | May 31, 2016 08:28:34 AM GMT