Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-64032

Groovy-backed &#64 when input @ after 2.5.1 upgrade

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Blocker Blocker
    • active-choices-plugin
    • None
    • 2.5.1

      When I input @, it returns &#64

      ex:

      input:'git@gitlab.com:xzdry:xxxxxx.git'

      expect:'git@gitlab.com:xzdry:xxxxxx.git'

      actual return:'git&#64gitlab.com:xzdry:xxxxxx.git'

          [JENKINS-64032] Groovy-backed &#64 when input @ after 2.5.1 upgrade

          xz dry created issue -

          Hi xzdry,

           

          Thanks for reporting the issue with example and expected/received results. Looks like we are filtering a bit too much of the code. Given the risk of a security regression for a recent CVE, I will try to take some time to understand what's going on and how to fix it (even though the fix should be simple, I will need some time to confirm it's not going to result in a new CVE).

          Cheers

          Bruno

          Bruno P. Kinoshita added a comment - Hi xzdry ,   Thanks for reporting the issue with example and expected/received results. Looks like we are filtering a bit too much of the code. Given the risk of a security regression for a recent CVE, I will try to take some time to understand what's going on and how to fix it (even though the fix should be simple, I will need some time to confirm it's not going to result in a new CVE). Cheers Bruno
          xz dry made changes -
          Description Original: When I input @, it returns &#64

          ex:

          input:'git@116.62.100.239:xxxxxx.git'

          expect:'git@116.62.100.239:xxxxxx.git'

          actual return:'git&#64116.62.100.239:xxxxxx.git'
          New: When I input @, it returns &#64

          ex:

          input:'git@gitlab.com:xzdry:xxxxxx.git'

          expect:'git@gitlab.com:xzdry:xxxxxx.git'

          actual return:'git&#64gitlab.com:xzdry:xxxxxx.git'

          xz dry added a comment -

          thanks for your reply

          I will waiting for your good news

          xz dry added a comment - thanks for your reply I will waiting for your good news
          Bruno P. Kinoshita made changes -
          Attachment New: image-2020-10-30-22-48-12-385.png [ 53113 ]

          xzdry whenever you report an issue, the more information you provide the merrier. I've had a bit of spare time today, and am doing some triaging, and trying to fix simple issues, or regressions.

          From your issue description, I thought it could be related to a recent change, but without knowing which parameters you used exactly, my first try was a simple String param, and a reactive param "reacting" to changes of the String param.

          With this scenario I think your case worked for me.

          Let me try now with some other combination of params...

          Bruno P. Kinoshita added a comment - xzdry whenever you report an issue, the more information you provide the merrier. I've had a bit of spare time today, and am doing some triaging, and trying to fix simple issues, or regressions. From your issue description, I thought it could be related to a recent change, but without knowing which parameters you used exactly, my first try was a simple String param, and a reactive param "reacting" to changes of the String param. With this scenario I think your case worked for me. Let me try now with some other combination of params...
          Bruno P. Kinoshita made changes -
          Attachment New: image-2020-10-30-22-51-26-345.png [ 53114 ]

          Reactive reference parameter working apparently OK too.

           

          Bruno P. Kinoshita added a comment - Reactive reference parameter working apparently OK too.  
          Bruno P. Kinoshita made changes -
          Attachment New: image-2020-10-30-22-53-43-762.png [ 53115 ]

          Closing as Cannot Reproduce.

          I've tried the combinations I could think of. Also had a look at the value provided in the build:

          It could be caused by some security setting in Jenkins, or if you are sending the parameter value in a different way I guess? In case the issue persist, you could either decode the values in your build, or feel free to re-open with some details to reproduce the issue.

          Good examples of helpful information are config.xml example file, screenshots, description of the setup, etc.

          Bruno P. Kinoshita added a comment - Closing as Cannot Reproduce. I've tried the combinations I could think of. Also had a look at the value provided in the build: It could be caused by some security setting in Jenkins, or if you are sending the parameter value in a different way I guess? In case the issue persist, you could either decode the values in your build, or feel free to re-open with some details to reproduce the issue. Good examples of helpful information are config.xml example file, screenshots, description of the setup, etc.

            kinow Bruno P. Kinoshita
            xzdry xz dry
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: