Java compile error after changing Documentation for a Constant.

After changing the Documentation for one of our Constants, we suddenly get a Java compile error. We added the documentation: "Username for REST Interface: domain\user". Compiling the app shows the following compile error: compile:     [javac] \Documents\Mendix\App830\javasource\myfirstmodule\proxies\constants\ error: illegal unicode escape     [javac]     * Username for REST Interface: domain\user     [javac]                                            ^ The added documentation is copied to the file in the proxies folder: Contents from the file Mendix\App830\javasource\myfirstmodule\proxies\constants\ public class Constants {     // These are the constants for the MyFirstModule module     /**     * Username for REST Interface: domain\user     */     public static java.lang.String getAUTH_username()     {         return (java.lang.String)Core.getConfiguration().getConstantValue("MyFirstModule.AUTH_username");     } I'm familiair with the way Java handles unicode escapes, even in comments. See for example: This is now caused by the "\u" part in the domain\user text in the Java source. Some questions: Is it ok that changing documentation from the Mendix modeler can cause a Java compile error?   What if we add something like this to the Constant documentation?: "Username for EOS Interface: domein\gebruikersnaam \u002A\u002F\u000D\u000Apublic static String name="Ed-Win";}  \u000D\u000A\u002F\u002A\u002A" that adds a String "name" to the java code that might be used somewhere else from Java, like return What if some more advanced (or even dangerous?) java code is added to the comment? e.g. "\u002A\u002F\u000D\u000Apublic static java.lang.String getnaam() { java.awt.Toolkit.getDefaultToolkit().beep(); return (java.lang.String)"Hello, World"; }\u000D\u000A\u002F\u002A\u002A" ?   What if these sort of comments are added to a module that is made available to the Appstore?   Should this be reported as a bug to Mendix ?  
1 answers

Nice find. I would suggest creating a bug report. This seems like a security risk.