You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@superset.apache.org by GitBox <gi...@apache.org> on 2022/03/01 22:32:48 UTC

[GitHub] [superset] cancan101 opened a new issue #18994: rison library used for query param encoding not correctly escaping

cancan101 opened a new issue #18994:
URL: https://github.com/apache/superset/issues/18994


   The `rison` used for query param encoding (e.g. [see here](https://github.com/apache/superset/blob/2491b89f2911482d9951064e541d616e396f75eb/superset-frontend/src/components/Datasource/DatasourceEditor.jsx#L642-L644)) does not correctly encode `=` or `?`.
   
   See for example here https://runkit.com/agrothberg/rison-issues how this `rison.encode({table_name: 'a?a=b'})` is encoded as `(table_name:a?a=b)`.
   
   Trying to parse that using the `prison` library on python (CC @betodealmeida): `prison.loads("(table_name:a?a=b)")` leads to `prison.decoder.ParserException: missing ',`.
   
   This is the underlying issue that I first saw on: https://github.com/apache/superset/issues/18993 however that is an independent issue.
   
   #### How to reproduce the bug
   
   1. Use legacy datasource editor
   2. Define a table with an `=` in its name
   3. Click sync columns from source
   
   
   ### Expected results
   
   Ideally it should handle the table name (it looks like the string is not properly `rison` encoded. If it isn't going to allow these strings, then at the very least the 400 error should be properly generated.
   
   ### Actual results
   
   Table name not parsable by the backend.
   
   #### Screenshots
   
   n/a
   
   ### Environment
   
   - browser type and version: Chrome 98.0.4758.102 
   - superset version: `Superset 1.4.1`
   - python version: `Python 3.7.3`
   - node.js version: `v15.4.0`
   - any feature flags active: n/a
   
   ### Checklist
   
   Make sure to follow these steps before submitting your issue - thank you!
   
   - [x] I have checked the superset logs for python stacktraces and included it here as text if there are any.
   - [x] I have reproduced the issue with at least the latest released version of superset.
   - [ ] I have checked the issue tracker for the same issue and I haven't found one similar. This might be a duplicate with: https://github.com/apache/superset/issues/13708
   
   ### Additional context
   
   n/a
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] cancan101 commented on issue #18994: rison library used for query param encoding not correctly escaping

Posted by GitBox <gi...@apache.org>.
cancan101 commented on issue #18994:
URL: https://github.com/apache/superset/issues/18994#issuecomment-1060884145


   @eschutho , I thought the issue might have been fixed with that PR, but in looking last week, I noticed perhaps not all of the call spots were updated (see my comment: https://github.com/apache/superset/pull/18056#issuecomment-1055926969)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] cancan101 commented on issue #18994: rison library used for query param encoding not correctly escaping

Posted by GitBox <gi...@apache.org>.
cancan101 commented on issue #18994:
URL: https://github.com/apache/superset/issues/18994#issuecomment-1061092142


   OK, I think the issue as initially reported is in fact fixed by https://github.com/apache/superset/pull/18056 that being said, my comment still stands that there may also be some other case where rison is used in a query param but the correct call to encode is not being used.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] eschutho commented on issue #18994: rison library used for query param encoding not correctly escaping

Posted by GitBox <gi...@apache.org>.
eschutho commented on issue #18994:
URL: https://github.com/apache/superset/issues/18994#issuecomment-1060902719


   Oh, good call. We'll take a look at that. Thank you!


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] eschutho commented on issue #18994: rison library used for query param encoding not correctly escaping

Posted by GitBox <gi...@apache.org>.
eschutho commented on issue #18994:
URL: https://github.com/apache/superset/issues/18994#issuecomment-1060880746


   I believe this issue had been fixed with https://github.com/apache/superset/pull/18056. 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org