Bugreport: When you have a `\/` in your password s...
# gooddata-cn
Bugreport: When you have a
in your password sent to the
endpoint, the server only stores a
into the database. So looks like the value is not treated as a simple string, but escaping is evaluated on it.
I've used curl's
--trace-ascii /dev/stdout
args to see what is being sent to the server, and looked into the
table to see what has been stored, that's how I found it.
Please note that the payload in encoded in JSON and this serialization format handles
differently - it behaves like "escape character" that modified the meaning of the following character. Some characters have special meaning, e.g.
is a newline (0xA in ASCII encoding),
is a TAB character (0x09) and so on. So
escapes the forward slash char. If you need to store
using JSON format, you need to escape this character as well, so you need to store it as
See String grammar described in https://www.json.org/json-en.html
If you wonder what's the reason why
translates to literal
, it is that JSON was designed for World-Wide Web so if you want to store HTML tag in JSON that is embedded in
HTML tag. :)
Dammit, you are so right. Yeah, building payload from bash is probably not the smartest way. Thx for looking into this, sorry about the false alarm. Thx for the explanation.