potiuk opened a new pull request, #69378:
URL: https://github.com/apache/airflow/pull/69378

   The XCom create/update payload validator `_check_forbidden_xcom_keys`
   recursively rejects reserved serialization keys (`__classname__`, `__type`,
   `__var`, ...) in `dict`/`list` values. Its `_walk` helper descended dicts,
   lists and tuples but not `str`, so a value submitted as a JSON string literal
   — e.g. `json.dumps({"__classname__": ...})` — was stored verbatim and
   re-parsed into a dict on a `?deserialize=true` read, slipping past the 
filter.
   
   This extends `_walk` to `json.loads` a string value and inspect the decoded
   `dict`/`list` the same way the read path does. Strings that are not JSON, or
   that decode to non-container values, are unchanged and still accepted.
   
   ### Tests
   
   - [x] `test_create_xcom_entry_blocks_forbidden_keys_in_json_string`
   - [x] `test_patch_xcom_entry_blocks_forbidden_keys_in_json_string`
   - [x] `test_create_xcom_entry_allows_benign_string_values` (no false 
positives)
   
   ##### Was generative AI tooling used to co-author this PR?
   
   - [X] Yes — Claude Opus 4.8 (1M context)
   
   Generated-by: Claude Opus 4.8 (1M context) following the guidelines at
   
https://github.com/apache/airflow/blob/main/contributing-docs/05_pull_requests.rst#gen-ai-assisted-contributions
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to