Core Server / SERVER-11015

REST queries on documents containing JavaScript content return incorrect JSON


    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical - P2
    • Resolution: Fixed
    • Affects Version/s: 2.4.3
    • Fix Version/s: 2.5.5
    • Component/s: HTTP Console, Internal Code
    • Labels:
      None
    • Environment:
      platform independent
    • Operating System:
      ALL
    • Steps To Reproduce:

      Issue reproduced via this specific use case:

      1/ enable REST on the database
      2/ create a database (let's say "demo")
      3/ enable profiling on this database (level 2 to profile everything)
      4/ execute a JavaScript file on the database

      Arbitrary example:

      var i = 0;
      while (i < 1) {
          // Server-side eval: with profiling at level 2, this command,
          // including the function below, is recorded in system.profile.
          db.runCommand({
              eval: function(name, incAmount) {
                  var doc = { name : name , num : 0 , total : 0 , avg : incAmount };
                  db.collection1.save( doc );
                  return doc;
              },
              args: [ "eliot", i ]
          });
          i++;
      }

      5/ do a REST query on the "system.profile" collection for "demo"

      (for example: http://localhost:28017/demo/system.profile/)

      Resulting JSON is incorrect (JavaScript command is not escaped)

      See attached file "json_profiles.json".


      Description

      If the content of a JSON document value is JavaScript, the result of a query via the REST interface does not escape this JavaScript content.
      The resulting content is not correct JSON.

      (tested via a query on "system.profiles" collection -> profiles having commands with JavaScript content).
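
      The failure mode described above, as an added example that is not part of the original report and not the server's own code. The Code class, the profile entry and both writers are constructed for illustration; the {"$code": ...} wrapper follows the Extended JSON convention and is an assumption about a correct output shape, not a statement of the project's fix.

```javascript
// Hypothetical stand-in for a BSON "code" value: JavaScript source kept as text.
class Code {
  constructor(src) { this.src = src; }
}

// Constructed, simplified profile entry for the eval command in the report.
const profileEntry = {
  op: "command",
  ns: "demo.$cmd",
  command: {
    eval: new Code(
      "function(name, incAmount) {\n" +
      "  var doc = { name : name , num : 0 , total : 0 , avg : incAmount };\n" +
      "  db.collection1.save( doc );\n" +
      "  return doc;\n" +
      "}"),
    args: ["eliot", 0],
  },
};

// Defective writer: every type is encoded except Code, whose source is
// copied into the output verbatim (unquoted, unescaped).
function renderNaive(v) {
  if (v instanceof Code) return v.src;
  if (Array.isArray(v)) return "[" + v.map(renderNaive).join(",") + "]";
  if (v !== null && typeof v === "object") {
    const fields = Object.entries(v)
      .map(([k, x]) => JSON.stringify(k) + ":" + renderNaive(x));
    return "{" + fields.join(",") + "}";
  }
  return JSON.stringify(v);
}

// Corrected writer: Code becomes {"$code": "<escaped source>"}, so the
// source travels as an ordinary JSON string.
function renderSafe(v) {
  return JSON.stringify(v, (key, x) => (x instanceof Code ? { $code: x.src } : x));
}

// Consumer-side check: does the response body parse as strict JSON?
function isValidJson(text) {
  try { JSON.parse(text); return true; } catch (e) { return false; }
}

console.log("naive output parses:", isValidJson(renderNaive(profileEntry)));
console.log("safe output parses: ", isValidJson(renderSafe(profileEntry)));
```

      A client that consumes the REST output can use the same strict-parse check to reject a malformed body instead of falling back to a lenient parser or eval.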

              People

              Assignee:
              sverch Shaun Verch
              Reporter:
              david_fr David Regnier