Team B
[ZBX-19763] Contents of CDATA for HTTP item request body type XML is escaped incorrectly Created: 2021 Aug 02 Updated: 2024 Apr 10 |
|
| Status: | Open |
| Project: | ZABBIX BUGS AND ISSUES |
| Component/s: | Frontend (F) |
| Affects Version/s: | 5.0.14, 5.4.3, 6.0.0alpha1 |
| Fix Version/s: | None |
| Type: | Problem report | Priority: | Trivial |
| Reporter: | Ivo Kurzemnieks | Assignee: | Zabbix Development Team |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | httpagent, itemtest, macros, xml | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Team: | Team B |
| Description |
|
According to documentation : "Macros can be used as a text node, attribute or CDATA section. Values from macros are resolved and then escaped automatically in a text node and attribute." Here are two examples: <text attribute="{$A}">{$B}</text>
Both macros {$A} and {$B} should be resolved and escaped <text attribute="{$A}"><![CDATA[{$B}]]></text>
Only macro {$A} should be resolved and escaped. Currently this is not the case and macro {$B} is also escaped. To sum it up: for HTTP agent item types if request body type is XML, then the XML content from Request body should be parsed first and only then macros should be resolved and escaped depending on node type. If node type is CDATA, do not escape the resolved macro value. If node type is text or attribute resolve and escape characters: <, >, &, ", ' |