-
Notifications
You must be signed in to change notification settings - Fork 324
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Incomplete validation for unevaluatedProperties #752
Comments
@costas80 Good catch! There are four approaches to solving this issue and none are perfect.
I'm going to start by writing a parser and testing its effect on performance. For 2.0, I prefer using an abstraction. @stevehu What do you think? |
I agree. An abstraction would be best but currently the parser approach would be the way to go. I would also drop already |
Sorry. I was away from my desktop for several days. I agree we can drop the LEGACY as it still needs to be fully implemented. We can increase the minor number to indicate this validator might break with the upgrade. Thanks. |
Resolves #752 Co-authored-by: Faron Dutton <faron.dutton@insightglobal.com>
Hi @fdutton , I was checking the PR you made on this and noticed a few problems. First of all there was an obvious issue in the handling of single quotes (a dead store) that I fixed in #755 . There are however other issues I found in the parser that are more complex and should be rechecked. I'm adding below a series of unit test assertions that fail given the new parsing: // Gives "/foobar". The '.' is not handled correctly.
assertEquals("/foo/bar", PathType.JSON_PATH.convertToJsonPointer("$.foo.bar"));
// Gives "/foo~bar". The '~' needs to be escaped as '~0'.
assertEquals("/foo~0bar", PathType.JSON_PATH.convertToJsonPointer("$['foo~bar']"));
// Gives "/foo/bar". The '/' needs to be escaped as '~1'.
assertEquals("/foo~1bar", PathType.JSON_PATH.convertToJsonPointer("$['foo/bar']"));
// Gives "/foo'bar']". The '[' is not handled correctly.
assertEquals("/foo/bar", PathType.JSON_PATH.convertToJsonPointer("$.foo['bar']")); Note that the above don't result from an exhaustive test. I only tested with the obvious special characters from the JSON Pointer spec ( Also, I would again suggest that |
Hey @fdutton, for information I did an update on |
When looking into the fix for #750 I noticed an issue in an update made recently by @fdutton . There was a method introduced to convert a Legacy or JSON Path path to a JSON Pointer to make a subsequent lookup.
Specifically in
PathType
the following was introduced:That is used in
UnEvaluatedPropertiesValidator
:The
fromLegacyOrJsonPath
method ofPathType
is oversimplified and assumes that there are no characters with potentially special meaning in the property names being looked up. For example a property including/
,~
,"
,[
,]
,.
or$
would end up with an invalid JSON pointer that would not throw an error but would never end up matching anything. In addition, as it stands, the default path approach is the legacy "JSON-Path-like" approach which may be invalid as JSON Path to begin with.What are your thoughts @fdutton ?
The text was updated successfully, but these errors were encountered: