incubator-callback-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Derek Jensen (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CB-192) Plugins fail silently when string argument contains \x00 charachters
Date Tue, 24 Jan 2012 02:03:40 GMT

    [ https://issues.apache.org/jira/browse/CB-192?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13191818#comment-13191818
] 

Derek Jensen commented on CB-192:
---------------------------------

Thats fine if you don't want to support it, however you may find that regressive functionality
is not particularly good coding practice.  In other words, it used to work, and now it doesn't.

The rationale presented here is weak, considering Objective-C NSString class has no problem
with imbedded nulls: It would break Unicode strings if it didn't work.  There is no security
issue per-se.

My final point is this:  it fails SILENTLY.  At least output something to the console that
tells the developer that you are throwing away a plugin call.  It's very hard to debug when
it just goes away without a trace. Calling back to the failure function if provided would
also be a plus.
                
> Plugins fail silently when string argument contains \x00 charachters
> --------------------------------------------------------------------
>
>                 Key: CB-192
>                 URL: https://issues.apache.org/jira/browse/CB-192
>             Project: Apache Callback
>          Issue Type: Bug
>          Components: iOS
>    Affects Versions: 1.3.0
>         Environment: Mac OS X Lion, XCode 4.2, Phonegap 1.3.0
>            Reporter: Derek Jensen
>            Assignee: Shazron Abdullah
>
> Passing an string argument with hex 0 imbedded in it causes the plugin to fail silently.
> While the argument is correctly processed by JSON.stringify(), the plugin objective-c
code
> is never called.  To see this in action, try console.log("foo\x00");

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message