incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-863) Non-printable characters (ASCII control character) such as %00 or %0025 are getting stored in raw/non encoded form in the database.
Date Sat, 16 Feb 2013 06:27:12 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-863?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13579728#comment-13579728
] 

ASF subversion and git services commented on CLOUDSTACK-863:
------------------------------------------------------------

Commit 87b668b71b34c93e9ba85d4708a1c04f4020f6bf in branch refs/heads/master from [~likithas]
[ https://git-wip-us.apache.org/repos/asf?p=incubator-cloudstack.git;h=87b668b ]

CLOUDSTACK-863: Fix Non-printable characters in api call

Non-printable characters results in empty pages for all users loading the
corrupted object in the web interface. It also results in the API call results
getting truncated with an error when it encounters the non-printable characters.
Every decoded parameter value is checked for control character using OWASP's
ESAPI library.

Signed-off-by: Rohit Yadav <bhaisaab@apache.org>

                
> Non-printable characters (ASCII control character) such as %00 or %0025 are getting stored
in raw/non encoded form in the database.
> -----------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-863
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-863
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: API
>    Affects Versions: 4.0.0
>            Reporter: Likitha Shetty
>            Assignee: Likitha Shetty
>             Fix For: 4.1.0
>
>         Attachments: get.png, UI.jpg.jpeg
>
>
> Non-printable characters such as %00 or %0025 are getting stored in raw/non encoded form
in the database.
> It results in empty pages for all users loading the corrupted object in the web interface
(a corrupted Instance in this case - see attached UI.jpg.jpeg) 
> It also results in the API call results getting truncated with an error when it encounters
the non-printable characters

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message