You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by GitBox <gi...@apache.org> on 2021/02/17 10:29:48 UTC
[GitHub] [camel-k-runtime] nicolaferraro opened a new issue #632: Functions to escape Kamelet parameters
nicolaferraro opened a new issue #632:
URL: https://github.com/apache/camel-k-runtime/issues/632
There are multiple cases where I want to escape a specific parameter. But "escaping", depending on the context, could mean different things.
Suppose I've a Kamelet with a `param`.
If the `param` represents an ID in a rest resource, I could use it as:
```yaml
- tod: "https://api.com/users/{{param}}/details"
```
If I pass `luca` it works. If I pass `luca/tokens?` I did an injection attack.
Here I'd like to URL encode the param as URL path segment.
In another case, I need to analyze the output of a service to call another one, so I use JSONpath:
```
- to: https://api.com/endpoint
- transform:
jsonpath: "$.value[?(@.lastName == '{{param}}')]"
```
If I pass `Burgazzoli` it works. If I pass `O'Neil` then the whole integration crashes because of invalid JSONpath expression.
How can we solve thes issues?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [camel-k-runtime] davsclaus commented on issue #632: Functions to escape Kamelet parameters
Posted by GitBox <gi...@apache.org>.
davsclaus commented on issue #632:
URL: https://github.com/apache/camel-k-runtime/issues/632#issuecomment-792233811
Okay so the kamelet yaml could be
```
- to: https://api.com/endpoint
- transform:
jsonpath: '$.value[?(@.lastName == "{{param}}")]'
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [camel-k-runtime] davsclaus commented on issue #632: Functions to escape Kamelet parameters
Posted by GitBox <gi...@apache.org>.
davsclaus commented on issue #632:
URL: https://github.com/apache/camel-k-runtime/issues/632#issuecomment-792234288
JIRA about to configure input rules
https://issues.apache.org/jira/browse/CAMEL-16312
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [camel-k-runtime] davsclaus edited a comment on issue #632: Functions to escape Kamelet parameters
Posted by GitBox <gi...@apache.org>.
davsclaus edited a comment on issue #632:
URL: https://github.com/apache/camel-k-runtime/issues/632#issuecomment-780587696
Maybe a kamelet parameter needs to a way to specify valid inputs. So you can say that valid is only alpha numeric, or max length is 10, min lenght is 5, etc. And other kinds of rules.
For O Niel then simple language allows escape, so you can say
```
O\'Niel
```
But this is jsonpath in the example
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [camel-k-runtime] davsclaus commented on issue #632: Functions to escape Kamelet parameters
Posted by GitBox <gi...@apache.org>.
davsclaus commented on issue #632:
URL: https://github.com/apache/camel-k-runtime/issues/632#issuecomment-791999537
Another alternative is to see if the placeholder is used where there are single quotes before / after, and then escape internal single quotes
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [camel-k-runtime] davsclaus closed issue #632: Functions to escape Kamelet parameters
Posted by GitBox <gi...@apache.org>.
davsclaus closed issue #632:
URL: https://github.com/apache/camel-k-runtime/issues/632
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@camel.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [camel-k-runtime] nicolaferraro commented on issue #632: Functions to escape Kamelet parameters
Posted by GitBox <gi...@apache.org>.
nicolaferraro commented on issue #632:
URL: https://github.com/apache/camel-k-runtime/issues/632#issuecomment-780651715
> Maybe a kamelet parameter needs to a way to specify valid inputs. So you can say that valid is only alpha numeric, or max length is 10, min lenght is 5, etc. And other kinds of rules.
>
> For O Niel then simple language allows escape, so you can say
>
> ```
> O\'Niel
> ```
>
> But this is jsonpath in the example
Yeah, that's an option, but not the more user-friendly in the general case, since it would require that the user manually escapes `O'Neil` into `O\'Neil`. Ideally it's the template mechanism that should allow the template writer to apply escaping functions in order to use the "transformed" version of the parameter in different parts of the route template... But I don't know how, or if it could be done declaratively.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [camel-k-runtime] davsclaus commented on issue #632: Functions to escape Kamelet parameters
Posted by GitBox <gi...@apache.org>.
davsclaus commented on issue #632:
URL: https://github.com/apache/camel-k-runtime/issues/632#issuecomment-780587696
Maybe a kamelet parameter needs to a way to specify valid inputs. So you can say that valid is only alpha numeric, or max length is 10, min lenght is 5, etc. And other kinds of rules.
For O Niel then simple language allows escape, so you can say O\'Niel
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [camel-k-runtime] davsclaus commented on issue #632: Functions to escape Kamelet parameters
Posted by GitBox <gi...@apache.org>.
davsclaus commented on issue #632:
URL: https://github.com/apache/camel-k-runtime/issues/632#issuecomment-791998603
Okay so the single quoutes should be double quotes, then we can use O'Niel, such as
.transform().jsonpath("$.store.book[?(@.author == \"John O'Niel\")].title")
Since kamelets in yaml dsl are already using double quotes for string literals. We can maybe transpose the expression by looking for single quote pairs, and replace them as double quotes, for specific languages like simple or jsonpath.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [camel-k-runtime] lburgazzoli commented on issue #632: Functions to escape Kamelet parameters
Posted by GitBox <gi...@apache.org>.
lburgazzoli commented on issue #632:
URL: https://github.com/apache/camel-k-runtime/issues/632#issuecomment-792000931
> Since kamelets in yaml dsl are already using double quotes for string literals. We can maybe transpose the expression by looking for single quote pairs, and replace them as double quotes, for specific languages like simple or jsonpath.
I think in YAML you can use single quotes instead of double quotes
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [camel-k-runtime] davsclaus commented on issue #632: Functions to escape Kamelet parameters
Posted by GitBox <gi...@apache.org>.
davsclaus commented on issue #632:
URL: https://github.com/apache/camel-k-runtime/issues/632#issuecomment-780586399
Yes the O Neil thing would be same problem. Can you escape the quote or use double quotes for the == {{param}}
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [camel-k-runtime] davsclaus commented on issue #632: Functions to escape Kamelet parameters
Posted by GitBox <gi...@apache.org>.
davsclaus commented on issue #632:
URL: https://github.com/apache/camel-k-runtime/issues/632#issuecomment-806469570
This is fixed in Camel 3.10, so you can use whatever syntax in the kamelets you like
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [camel-k-runtime] lburgazzoli commented on issue #632: Functions to escape Kamelet parameters
Posted by GitBox <gi...@apache.org>.
lburgazzoli commented on issue #632:
URL: https://github.com/apache/camel-k-runtime/issues/632#issuecomment-780584571
Guess the same happens on plain camel right ?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [camel-k-runtime] davsclaus commented on issue #632: Functions to escape Kamelet parameters
Posted by GitBox <gi...@apache.org>.
davsclaus commented on issue #632:
URL: https://github.com/apache/camel-k-runtime/issues/632#issuecomment-782718978
I created a ticket about this problem as its a general camel-core problem
https://issues.apache.org/jira/browse/CAMEL-16242
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org