search

dazzling-sky / COMP4111-project

COMP4111 project - RESTful Web Service for Library Book Management
https://course.cse.ust.hk/comp4111/project.html
0 stars 0 forks source link

Book lookup does not properly escape special characters when returning response. #31

Open STommydx opened 4 years ago

STommydx commented 4 years ago

Describe the bug Book lookup does not properly escape special characters when returning response.

To Reproduce

  1. Login as usual
  2. Add the following book. Note that this is a valid JSON. 
    {
"Title": "\\\\",
"Author": "200 OK thx!",
"Publisher": "200 OK Inc.",
"Year": 2028
}
  3. Look up all books.

Expected behavior The server returns the JSON response below.

{
    "FoundBooks": 1,
    "Results": [
        {
            "Title": "\\\\",
            "Author": "200 OK thx!",
            "Publisher": "200 OK Inc.",
            "Year": 2028
        }
    ]
}

What actually happens The server returns the JSON response below.

{
    "FoundBooks": 1,
    "Results": [
        {
            "Title": "\\",
            "Author": "200 OK thx!",
            "Publisher": "200 OK Inc.",
            "Year": 2028
        }
    ]
}
comp4111ta commented 4 years ago

JSON uses backslash espaces. So this is the correct behavior. https://www.json.org/json-en.html

STommydx commented 4 years ago

@comp4111ta There is no escape. You can clearly see one slash is missing in the response. The book name is \\ but it returns \.

comp4111ta commented 4 years ago

@comp4111ta There is no escape. You can clearly see one slash is missing in the response. The book name is \\ but it returns \.

@STommydx image (https://www.json.org/json-en.html)

Any JSON library following the specs will treat double slash to the single one. Otherwise, you cannot specify new lines with \n.

That is why \\\\ becomes \\

STommydx commented 4 years ago

@comp4111ta When I add the request it adds a book with title double slash (4 slashes in the json). When it returns the response, it returns the book with title single slash (2 slashes in the json). This happens because it prints out slashes directly instead of the escaped version (double slash). You can see the code for the looking up part.

STommydx commented 4 years ago

It handles the escape properly in the input, but not the output.

comp4111ta commented 4 years ago

It handles the escape properly in the input, but not the output.

You're right. The input and output should be consistent with JSON specs.