Guest

Preview Tool

Cisco Bug: CSCur20643 - REST API parsing criteria not handling "&" character in query parameter

Last Modified

Feb 05, 2015

Products (1)

  • Cisco Unity Connection

Known Affected Releases

10.5(2.160)

Description (partial)

Symptom:
REST API parsing criteria not handling "&" character in query parameter

Conditions:
In earlier releases (9.x), we have no support for multiple parameters in the parse criteria for the query filter. In 10.x, there was a requirement for having multiple parameters while parsing a query for REST API'S in unity connection. We now support upto 6 parameters in a query filter. To cater this requirement, we introduced the code logic having "&" character as delimiter in case of multiple parameters and we separate the filter in two on the basis of "&" character.
 
From 10.x Release onwards, when the filter is "alias is test&check", then the code logic separates the query filter on the basis of & character and does the parsing separately for the filter part before and after & character.
When a request with "&" is passed in query parameter it will return error similar to this :
<ErrorDetails>
<errors>
<code>INVALID_PARAMETER</code>
<message>Invalid filter: check</message>
</errors>
</ErrorDetails> 

There is no logic/handling for escaping "&" character in query parameter
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.