I am curious about a edge case I have run across when using ajax requests in JSF / primefaces.
I found that if I input a form feed character ("/f" in java or 0x0C in hex) into a request that is handled via ajax it causes the ajax request to fail because the xml generated is considered invalid. I would only expect this scenario to come up if a user is copying and pasting something from another document which happens to contain this character or more likely a QA person (or malicious user) input the character in an attempt to ruin my day.
Exact response I see in chrome developer tools:
<partial-responseid="j_id1">
<parsererror>
<h3>This page contains the following errors:</h3>
<div>
error on line 2 at column 68: Input is not proper UTF-8, indicate encoding !
Bytes: 0x0C 0x20 0x63 0x61
</div>
<h3>Below is a rendering of the page up to the first error.</h3>
</parsererror>
<changes>
<update id="j_idt5"/>
</changes>
</partial-response>
Sample Project to reproduce the error
There seems to be a limitation in XML that this character cannot be included in XML 1.0 so is there anything that JSF / primefaces can do to avoid this scenario or am I asking too much from the framework? If I cannot get JSF / primefaces to handle this gracefully how can I make it so that a proper error page is generated and the issue is logged somewhere other then the users console?
