We are developing some JSF web applications with PrimeFaces.
It is possible in inputText to copy/paste text with a non UTF-8 character like `` (Here is the character) and save the page. But there is an error in the rendered HTML:
Error: Forbidden code point U+fffe.
The browser doesn't show (hide) the error, it shows the non UTF-8 character (works like in a normal case)!
But, after this page will be sent from the server to the browser in an Ajax response, the browser shows an error in the console! And the user can see the error!
Console message:
XML Parsing Error: not well-formed
What is the best way to handle this error?
I have a lot of bad ideas. :)
Validate input before save!
- Client side with Javascript can be general, but not secure.
- Replace bad characters to
''can cause misunderstanding by user. There are a lot of bad characters which are like right-accented characters. - I can make a validator for JSF, but I should register it to all
inputTextcomponents one by one.
Perhaps I can search the Javascript what parses Ajax responses and patch it.
'Minimal' reproduction:
- Download the source
- mvn clean package
- download wildfly 32.0.1.Final
- copy the war from project's target to wildfly/standalone/deployments
- start wildfly
- http://localhost:8080/utf8/main.xhtml
- After copy paste the bad character and click the button, its failed.
I think, the main problem is that Ajax uses XML. And there are a lot of characters in UTF-8 that aren't valid in XML.
How can I check my string fast in Java if there are any invalid characters?
Some other happenings
There are some strange behavior. U+0002 character is removed by jsf writer.
- I type U+0002 and click the button
- Server side bean property was set.
- But the renderResponse phase the Html writer logic has removed this character.
With U+FFFE character is other. I wrote a validator and it throws ValidatorException, but by the renderResponse Phase U+FFFE character appeared.
I think this mojarra bug can be very identical bug: