tracker issue : CF-4207236

select a category, or use search below
(searches all categories and all time range)

Issue with the XMLParse() function after update to Java 8.241 (possibly introduced in 8.231)

| View in Tracker

Status/Resolution/Reason: Closed/Withdrawn/Duplicate

Reporter/Name(from Bugbase): Miguel F. / ()

Created: 02/18/2020

Components: Language, XML

Versions: 11.0

Failure Type: Non Functioning

Found In Build/Fixed In Build: 11,0,15,311399 / 2018.0.07.316715

Priority/Frequency: Normal / All users will encounter

Locale/System: English / Win 2012 Server x64

Vote Count: 1

Problem Description: We've noticed an issue with XMLParse() after updating Java to 8.241.  This is running on ColdFusion 11, Windows Server 2012 R2.  It works fine on previous version of Java. The issue appears to be with a period followed by a space `. ` within any of the XML tags. When that text is encountered within the tags XMLParse() throws an error. What's also strange is that the error reports being a permission issue trying to read a file and the file name appears to be the XML contents (which obviously do not exist as a file).

Steps to Reproduce: See provided code. Basically use XMLParse() function on any XML that contains a period followed by a space '. ' within the XML tags.

Actual Result: This error is thrown:
access denied ("" "X:\test\ <?xml version="1.0" ?> <extension type="Component" subType="Icon Grid" hasBody="0"> <attributeset name="Icon Grid Content" container="Basic"> <attribute name="iconGridBorderStyle" label="Border Style" hint="The bordered option will show a border around each item. The default is unbordered." type="radiogroup" defaultValue="unbordered" required="false" validation="" regex="" message="" optionList="Bordered^Unbordered" optionLabelList="bordered^unbordered" \> <\attributeset> <\extension> " "read") 

Expected Result: XML is parsed correctly.

Any Workarounds: None.



Found this issue reported for ColdFusion 2016 which seems like the same problem.
Comment by Miguel F.
33147 | February 18, 2020 06:56:29 PM GMT
We also have sandbox security enabled on these servers.
Comment by Miguel F.
33148 | February 18, 2020 07:02:50 PM GMT
Very similar issue with ColdFusion 2016, when sandbox security is enabled. We're also using Java 241 as well.
Comment by Justin H.
33149 | February 18, 2020 09:17:31 PM GMT
This bug was closed as fixed but it is not. The hotfix for the CF2016 issue was given to me but it does not fix the problem on CF11.
Comment by Miguel F.
33169 | February 21, 2020 12:38:18 PM GMT
Miguel which hotfix were you given? We are on hotfix 13 and still experience the same problem. I have not seen a hotfix past 13 yet.
Comment by Justin H.
33224 | March 02, 2020 06:44:57 PM GMT
You are referring to an "update". Update 13 is the latest for CF2016. Adobe emailed me directly a "hotfix" specifically for this issue. Unfortunately it did not resolve the issue for me but I am still on CF11. They told me the fix was actually for CF2016. Let me see if I can DM you on this...
Comment by Miguel F.
33225 | March 02, 2020 07:05:12 PM GMT
We have recently encountered a similar issue after implementing CF2016 HF13 with Java 11.0.5 in place.
Vote by Paul T.
33252 | March 08, 2020 01:00:43 PM GMT