Cisco Bug: CSCur20643 - REST API parsing criteria not handling "&" character in query parameter
Last Modified
Feb 05, 2015
Products (1)
- Cisco Unity Connection
Known Affected Releases
10.5(2.160)
Description (partial)
Symptom: REST API parsing criteria not handling "&" character in query parameter Conditions: In earlier releases (9.x), we have no support for multiple parameters in the parse criteria for the query filter. In 10.x, there was a requirement for having multiple parameters while parsing a query for REST API'S in unity connection. We now support upto 6 parameters in a query filter. To cater this requirement, we introduced the code logic having "&" character as delimiter in case of multiple parameters and we separate the filter in two on the basis of "&" character. From 10.x Release onwards, when the filter is "alias is test&check", then the code logic separates the query filter on the basis of & character and does the parsing separately for the filter part before and after & character. When a request with "&" is passed in query parameter it will return error similar to this : <ErrorDetails> <errors> <code>INVALID_PARAMETER</code> <message>Invalid filter: check</message> </errors> </ErrorDetails> There is no logic/handling for escaping "&" character in query parameter
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Status
- Severity
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases