[ZBX-25876] HP iLO over HTTP does not work with specials chars in password Created: 2025 Jan 14  Updated: 2025 Aug 04  Resolved: 2025 Jan 22

Status: Closed
Project: ZABBIX BUGS AND ISSUES
Component/s: Server (S)
Affects Version/s: 7.0.7, 7.0.8, 7.2.1, 7.2.2
Fix Version/s: 7.0.9rc1, 7.2.3rc1, 7.4.0alpha1

Type: Problem report Priority: Blocker
Reporter: Jelmer Jaarsma Assignee: Armands Arseniuss Skolmeisters (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: 16h
Original Estimate: Not Specified

Issue Links:
Causes
caused by ZBX-24970 Macro functions don't work in script ... Closed
Duplicate
Team: Team C
Sprint: S25-W2/3, S25-W4/5
Story Points: 1

 Description   

Steps to reproduce:

  1. Set up iLO monitoring using the HPE iLO over http template
  2. Use a password with a " symbol in it
  3.  

Result:

591837:20250114:133320.305 [ HPE iLO ] Received response with status code 401: {"error":{"code":"iLO.0.10.ExtendedInfo","message":"See @Message.ExtendedInfo for more information.","@Message.ExtendedInfo":[

{"MessageId":"iLO.2.24.UnauthorizedLoginAttempt"}

]}}
591837:20250114:133320.306 [ HPE iLO ] ERROR: Authentication failed with status code 401: {"error":{"code":"iLO.0.10.ExtendedInfo","message":"See @Message.ExtendedInfo for more information.","@Message.ExtendedInfo":[

{"MessageId":"iLO.2.24.UnauthorizedLoginAttempt"}

]}}.
Expected:

Succesful login and working monitoring

 

I have added some debugging statements to the apiAuth function in the iLO template:

        Zabbix.log(4, '[ HPE iLO ] Debug auth: '+ JSON.stringify(auth_data));
        Zabbix.log(4, '[ HPE iLO ] Debug auth2: '+ ilo.params.password);

The result:

591837:20250114:133620.255 [ HPE iLO ] Debug auth: {"UserName":"zabbix","Password":"Welkom123\\\""}
591837:20250114:133620.255 [ HPE iLO ] Debug auth2: Welkom123\"

 

It looks like the JSON.stringify function is escaping the password!

This used to work before Zabbix 7.2

 Comments   
Comment by Jelmer Jaarsma [ 2025 Jan 14 ]

In the above example the actual password was: Welkom123"

I think my conclusion was a bit hasty, it looks like escaping is already done when retrieving the password from the macro

Comment by Alexander Vladishev [ 2025 Jan 14 ]

Thanks for your report! This issue occurs due to incorrect macro expansion in the item script parameters.

Comment by Armands Arseniuss Skolmeisters (Inactive) [ 2025 Jan 20 ]

Available in versions:

Generated at Sun Jun 14 05:06:09 EEST 2026 using Jira 10.3.18#10030018-sha1:5642e4ad348b6c2a83ebdba689d04763a2393cab.