Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-18116

text() function does not work in xpath evaluation on XML API

    • Icon: Bug Bug
    • Resolution: Not A Defect
    • Icon: Major Major
    • core
    • Jenkins v1.5.15

      get http://myserver/job/jobname/185/api/xml?xpath=/*/number
      <number>185</number>

      get http://myserver/job/jobname/185/api/xml?xpath=/*/number/text()
      Error 330 (net::ERR_CONTENT_DECODING_FAILED): Unknown error.

          [JENKINS-18116] text() function does not work in xpath evaluation on XML API

          Robert Navado created issue -
          Geoff Cummings made changes -
          Link New: This issue duplicates JENKINS-16877 [ JENKINS-16877 ]

          This has been disabled for security.
          For more infirmation and details on how to manually enable it again please see JENKINS-16877

          Geoff Cummings added a comment - This has been disabled for security. For more infirmation and details on how to manually enable it again please see JENKINS-16877
          twolfart made changes -
          Link New: This issue is related to JENKINS-17347 [ JENKINS-17347 ]

          Ivan Kurnosov added a comment -

          @Geoff Cummings:

          it should be 403 then, not 330

          Ivan Kurnosov added a comment - @Geoff Cummings: it should be 403 then, not 330

          Geoff Cummings added a comment - - edited

          hmm.. 403 if I try a wget, but chrome gives the Error 330 (net::ERR_CONTENT_DECODING_FAILED): Unknown error.

          wget "https://ci.jenkins-ci.org/view/Jenkins%20core/api/xml?xpath=/listView/job[1]/name/text()"
          --2013-06-20 12:28:55--  https://ci.jenkins-ci.org/view/Jenkins%20core/api/xml?xpath=/listView/job[1]/name/text()
          Resolving ci.jenkins-ci.org (ci.jenkins-ci.org)... 63.246.20.93
          Connecting to ci.jenkins-ci.org (ci.jenkins-ci.org)|63.246.20.93|:443... connected.
          HTTP request sent, awaiting response... 403 Forbidden
          2013-06-20 12:28:55 ERROR 403: Forbidden.
          

          Geoff Cummings added a comment - - edited hmm.. 403 if I try a wget, but chrome gives the Error 330 (net::ERR_CONTENT_DECODING_FAILED): Unknown error. wget "https: //ci.jenkins-ci.org/view/Jenkins%20core/api/xml?xpath=/listView/job[1]/name/text()" --2013-06-20 12:28:55-- https: //ci.jenkins-ci.org/view/Jenkins%20core/api/xml?xpath=/listView/job[1]/name/text() Resolving ci.jenkins-ci.org (ci.jenkins-ci.org)... 63.246.20.93 Connecting to ci.jenkins-ci.org (ci.jenkins-ci.org)|63.246.20.93|:443... connected. HTTP request sent, awaiting response... 403 Forbidden 2013-06-20 12:28:55 ERROR 403: Forbidden.

          Ivan Kurnosov added a comment -

          @Geoff Cummings

          that's weird, thanks

          Ivan Kurnosov added a comment - @Geoff Cummings that's weird, thanks

          Daniel Beck added a comment -

          This issue is caused by the fix to a security issue, see the advisory. It also explains how to work around that problem. However, a better solution exists since 1.537 in Plugins providing an implementation of the SecureRequester interface, e.g.:

          https://wiki.jenkins-ci.org/display/JENKINS/Secure+Requester+Whitelist+Plugin

          I'm resolving this as not a defect, because it's a deliberate change because of security concerns. That it shows a content decoding error instead of "Access Denied" is a different, less important issue.

          Daniel Beck added a comment - This issue is caused by the fix to a security issue, see the advisory . It also explains how to work around that problem. However, a better solution exists since 1.537 in Plugins providing an implementation of the SecureRequester interface, e.g.: https://wiki.jenkins-ci.org/display/JENKINS/Secure+Requester+Whitelist+Plugin I'm resolving this as not a defect , because it's a deliberate change because of security concerns. That it shows a content decoding error instead of "Access Denied" is a different, less important issue.
          Daniel Beck made changes -
          Resolution New: Not A Defect [ 7 ]
          Status Original: Open [ 1 ] New: Resolved [ 5 ]

          Code changed in jenkins
          User: Daniel Beck
          Path:
          core/src/main/java/hudson/model/Api.java
          http://jenkins-ci.org/commit/jenkins/0a241aafdbdf3ad15d34efa3077658c5770b9195
          Log:
          [JENKINS-17374 JENKINS-18116] Don't set gzip header for error

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Daniel Beck Path: core/src/main/java/hudson/model/Api.java http://jenkins-ci.org/commit/jenkins/0a241aafdbdf3ad15d34efa3077658c5770b9195 Log: [JENKINS-17374 JENKINS-18116] Don't set gzip header for error

            Unassigned Unassigned
            navado Robert Navado
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: