Uploaded image for project: 'Couchbase Gateway'
  1. Couchbase Gateway
  2. CBG-1412

JSON strings in some responses not being correctly escaped

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 2.7.0
    • 3.0
    • SyncGateway
    • Security Level: Public
    • None
    • CBG Sprint 75
    • 3

    Description

      Need to ensure strings are correctly escaped when manually building JSON responses (we do this for some small efficiency reasons). We already do this in some places via ConvertToJSONString, need to make sure this is used comprehensively.

      Same general issue as CBG-661, but that fix was too narrow.

      E.g:

      from handler.writeRawJSON, handler.writeRawJSONStatus

      h.writeRawJSON([]byte(`{"id":"` + docid + `","ok":true,"rev":"` + newRev + `"}`)) 

      h.writeRawJSONStatus(http.StatusCreated, []byte(`{"id":"`+docid+`","ok":true,"rev":"`+newRev+`"}`)) 

      Attachments

        Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            Build sync_gateway-3.0.0-216 contains sync_gateway commit 51c3631 with commit message:
            CBG-1412 - JSON strings in some responses not being correctly escaped (#5023)

            build-team Couchbase Build Team added a comment - Build sync_gateway-3.0.0-216 contains sync_gateway commit 51c3631 with commit message: CBG-1412 - JSON strings in some responses not being correctly escaped (#5023)

            People

              isaac.lambat Isaac Lambat
              ben.brooks Ben Brooks
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes

                  PagerDuty