User story #2947
closed
A special textarea-type field should exist for the Techniques that automatically escapes some characters
Added by Matthieu CERDA almost 13 years ago.
Updated over 10 years ago.
Category:
Web - Config management
Description
A special textarea-type field should exist for the Techniques that automatically escapes some characters, in order not to create broken CFEngine promises :p
For example, this text:
Blah blah
blah
blah "blah"
blah
would break because of the unescaped double quotes of "blah"...
The ideal would be a textarea that saves the text with escaped quotes and displays it without the escapes. (a "translation filter" or something like that.)
- Assignee changed from François ARMAND to Nicolas CHARLES
Nicolas, please could you specify exactly:
- what should go in LDAP (escaped version ?)
- what chars (and how) should be escaped ?
- what the user see when he edit again an escaped string ?
François ARMAND wrote:
Nicolas, please could you specify exactly:
- what should go in LDAP (escaped version ?)
- what chars (and how) should be escaped ?
- what the user see when he edit again an escaped string ?
I can't answer all the questions, but I have some clues:
- The user must see exactly what he typed in. If he enters """The cat said "hi" then left""", he should see just that, no escapes.
- The information should arrive in CFEngine with escaped around the double quote character. I don't know about other chars to be escaped.
Oh, and an escaped " in CFEngine is \".
It's important that what the user types is what is gets back when opening the form again
I strongly advice that the escaped version is stored in the LDAP, for two reasons :
- advanced users will be able to debug by looking at the content of the ldap
- it avoids the need of migration scripts : if users where used to escaping their stuff, then it will be handled nicely.
The only char to escape is (so far) the " to be escaped as a \"
Is this really a user-story, and not a bug of our current implementation ? It seems that what can cause CFEngine to fail should be filtered upfront, no ?
More specifically, is there a case where we don't want to escape chars ? And if so, isn't that "raw" field the special case, not the other way around ?
Nicolas CHARLES wrote:
It's important that what the user types is what is gets back when opening the form again
I strongly advice that the escaped version is stored in the LDAP, for two reasons :
- advanced users will be able to debug by looking at the content of the ldap
- it avoids the need of migration scripts : if users where used to escaping their stuff, then it will be handled nicely.
The only char to escape is (so far) the " to be escaped as a \"
Are we sure that the escaping function is a bijection so that all escaped sentence point back to exactly one not escaped one (what is required if we want to be able to display back to the user what he wrote even if we store the escaped sentence in LDAP) ?
François ARMAND wrote:
Is this really a user-story, and not a bug of our current implementation ? It seems that what can cause CFEngine to fail should be filtered upfront, no ?
It's a kind of limitation which can be considered a bug
More specifically, is there a case where we don't want to escape chars ? And if so, isn't that "raw" field the special case, not the other way around ?
There is only one situation where we'd want to avoid escaping : when filling external files that are not promises (like when using CDP, or template files). We have only filesPermissions and processManagement in this situation
So it should be the norm, and the non-escape the exception
Nicolas CHARLES wrote:
It's important that what the user types is what is gets back when opening the form again
I strongly advice that the escaped version is stored in the LDAP, for two reasons :
- advanced users will be able to debug by looking at the content of the ldap
- it avoids the need of migration scripts : if users where used to escaping their stuff, then it will be handled nicely.
The only char to escape is (so far) the " to be escaped as a \"
Are we sure that the escaping function is a bijection so that all escaped sentence point back to exactly one not escaped one (what is required if we want to be able to display back to the user what he wrote even if we store the escaped sentence in LDAP) ?
I can't see how something that does " => \" and \" => " would not by a bijection (at least, when we start with valid data). If someone inserts broken data in the LDAP, and we have unescaped " there, problem will arise.
But in this case, generated promises are also invalid
I've done further checks.
\ and \\ are considered the same by CFEngine
\t or \n are not escape charactrers
but
\\"
is not valid as it is considered as a \ then a "
So we should probably escape the \ also to be on the safe side.
Note : it may have an impact on reporting, as it would change the string in the report key, and we'd have to check how it would be handled by rsyslog and postgres
- Target version changed from 2.5.0~beta1 to 2.5.0~rc1
- Target version changed from 2.5.0~rc1 to 2.6.0~beta1
This won't be done in 2.5
The default will be to have the text automatically escaped, and a new contraint RAW will be created, for text that should no be escaped
How the escaping should be :
\ -> \\
" -> \"
The escaping will be done in cf-clerk
- Status changed from New to 13
- Status changed from 13 to 12
- Assignee changed from Nicolas CHARLES to Matthieu CERDA
Every ticket has been completed, merge has begun.
- Status changed from 12 to Pending release
- Status changed from Pending release to Released
- Category changed from 14 to Web - Config management
Also available in: Atom
PDF
Updated by François ARMAND over 12 years ago
Updated by Jonathan CLARKE over 12 years ago
Updated by Nicolas CHARLES over 12 years ago
Updated by Matthieu CERDA over 12 years ago
Updated by Benoît PECCATTE over 10 years ago