[Htmlunit-user] FW: problem with cached event handlers

[David H. <DH...@St...>]

I should have posted this to the users list, not the dev list:

After upgrading from 2.9 to 2.14 we have a number of failing tests that involve making sure end users can't perform obvious hacks. These tests involve modifying an HTML page before submitting it back to the server. We are seeing the HTML has been correctly updated, but when we change properties in the HTML through HTMLUnit, those changes are no longer executed properly since upgrading.

the element looks like this
HtmlButtonInput[<input type="button" id="resend1" onclick="resend(19, 'jdoe');" value="Resend">]

but the elements scriptObject_.eventListenersContainer_.eventHandlers_[0].value.handler_.jsSnippet = function onclick() {resend(19, 'smith');}

note the element was hacked to change the user from smith to jdoe, but HTMLUnit still submits smith.

Dave

This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the originator of the message. This footer also confirms that this e-mail message has been scanned for the presence of computer viruses. Any views expressed in this message are those of the individual sender, except where the sender specifies and with authority, states them to be the views of Iowa Student Loan.