SCadilhac
commented
7 months ago Not sure how are you getting this result, but I don't think Netshot API is returning this.
Closed CFLagerfeldt closed 5 months ago
SCadilhac
commented
7 months ago Not sure how are you getting this result, but I don't think Netshot API is returning this.
CFLagerfeldt
commented
7 months ago The issue can be replicated with a simple Javascript compliance check:
function check(device) { return { result: CONFORMING, comment: "string containing quotes \"quote\" causes invalid JSON" }; }
SCadilhac
commented
6 months ago % curl -s 'http://localhost:8081/api/devices/1/complianceresults' -H 'Cookie: JSESSIONID=8409947972935339579' | jq
[
{
"id": 8,
"ruleName": "Escape",
"policyName": "Policy 12",
"result": "NONCONFORMING",
"comment": "string containing quotes \"quote\" causes invalid JSON",
"checkDate": 1708029824502,
"expirationDate": null
},
...
]I cannot reproduce this issue. What command how are you using to request the API endpoint?
Version 0.19.3
API endpoint: /devices/{id}/complianceresults
If the comment returned from a device compliance check contains special characters (like double-quotes) these are copied into the API output directly (without being escaped), causing the JSON output to be invalid.
Example:
[ { "id": 0, "ruleName": "string", "policyName": "string", "result": "CONFORMING", "comment": "string containing quotes "" causes invalid JSON", "checkDate": "2024-01-23T14:06:00.862Z", "expirationDate": "2024-01-23T14:06:00.862Z" } ]