[jira] [Updated] (CXF-9015) Typo in JsonMapObjectReaderWriter treats \h as a special character instead of \n
[ https://issues.apache.org/jira/browse/CXF-9015?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-9015: -- Affects Version/s: 3.6.3 3.5.8 > Typo in JsonMapObjectReaderWriter treats \h as a special character instead of > \n > > > Key: CXF-9015 > URL: https://issues.apache.org/jira/browse/CXF-9015 > Project: CXF > Issue Type: Bug >Affects Versions: 3.5.8, 3.6.3, 4.0.4 >Reporter: Craig Perkins >Priority: Minor > Fix For: 3.5.9, 4.1.0, 4.0.5, 3.6.4 > > > The JsonMapObjectReaderWriter class maintains a list of > [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] > which includes special characters that need to be escaped like the newline > (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't > find any links to official documentation about this character needing to be > escaped. > According to this [SO post|https://stackoverflow.com/a/27516892] which > details escaped characters in JSON, it does not include `\h` in this list. > Issue in OpenSearch where this issue is discussed: > [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] > > PR to address the issue with more details: > [https://github.com/apache/cxf/pull/1872] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9015) Typo in JsonMapObjectReaderWriter treats \h as a special character instead of \n
[ https://issues.apache.org/jira/browse/CXF-9015?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-9015: -- Affects Version/s: 4.0.4 > Typo in JsonMapObjectReaderWriter treats \h as a special character instead of > \n > > > Key: CXF-9015 > URL: https://issues.apache.org/jira/browse/CXF-9015 > Project: CXF > Issue Type: Bug >Affects Versions: 4.0.4 >Reporter: Craig Perkins >Priority: Minor > > The JsonMapObjectReaderWriter class maintains a list of > [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] > which includes special characters that need to be escaped like the newline > (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't > find any links to official documentation about this character needing to be > escaped. > According to this [SO post|https://stackoverflow.com/a/27516892] which > details escaped characters in JSON, it does not include `\h` in this list. > Issue in OpenSearch where this issue is discussed: > [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] > > PR to address the issue with more details: > [https://github.com/apache/cxf/pull/1872] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9015) Typo in JsonMapObjectReaderWriter treats \h as a special character instead of \n
[ https://issues.apache.org/jira/browse/CXF-9015?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-9015: -- Fix Version/s: 3.5.9 4.1.0 4.0.5 3.6.4 > Typo in JsonMapObjectReaderWriter treats \h as a special character instead of > \n > > > Key: CXF-9015 > URL: https://issues.apache.org/jira/browse/CXF-9015 > Project: CXF > Issue Type: Bug >Affects Versions: 4.0.4 >Reporter: Craig Perkins >Priority: Minor > Fix For: 3.5.9, 4.1.0, 4.0.5, 3.6.4 > > > The JsonMapObjectReaderWriter class maintains a list of > [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] > which includes special characters that need to be escaped like the newline > (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't > find any links to official documentation about this character needing to be > escaped. > According to this [SO post|https://stackoverflow.com/a/27516892] which > details escaped characters in JSON, it does not include `\h` in this list. > Issue in OpenSearch where this issue is discussed: > [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] > > PR to address the issue with more details: > [https://github.com/apache/cxf/pull/1872] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9015) Typo in JsonMapObjectReaderWriter treats \h as a special character instead of \n
[ https://issues.apache.org/jira/browse/CXF-9015?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Craig Perkins updated CXF-9015: --- Description: The JsonMapObjectReaderWriter class maintains a list of [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] which includes special characters that need to be escaped like the newline (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't find any links to official documentation about this character needing to be escaped. According to this [SO post|https://stackoverflow.com/a/27516892] which details escaped characters in JSON, it does not include `\h` in this list. Issue in OpenSearch where this issue is discussed: [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] PR to address the issue with more details: [https://github.com/apache/cxf/pull/1872] was: The JsonMapObjectReaderWriter class maintains a list of [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] which includes special characters that need to be escaped line the newline (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't find any links to official documentation about this character needing to be escaped. According to this [SO post|https://stackoverflow.com/a/27516892] which details escaped characters in JSON, it also does not include `\h` in this list. Issue in OpenSearch where this issue is discussed: [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] PR to address the issue with more details: https://github.com/apache/cxf/pull/1872 > Typo in JsonMapObjectReaderWriter treats \h as a special character instead of > \n > > > Key: CXF-9015 > URL: https://issues.apache.org/jira/browse/CXF-9015 > Project: CXF > Issue Type: Bug >Reporter: Craig Perkins >Priority: Minor > > The JsonMapObjectReaderWriter class maintains a list of > [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] > which includes special characters that need to be escaped like the newline > (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't > find any links to official documentation about this character needing to be > escaped. > According to this [SO post|https://stackoverflow.com/a/27516892] which > details escaped characters in JSON, it does not include `\h` in this list. > Issue in OpenSearch where this issue is discussed: > [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] > > PR to address the issue with more details: > [https://github.com/apache/cxf/pull/1872] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CXF-9015) Typo JsonMapObjectReaderWriter treats \h as a special character instead of \n
Craig Perkins created CXF-9015: -- Summary: Typo JsonMapObjectReaderWriter treats \h as a special character instead of \n Key: CXF-9015 URL: https://issues.apache.org/jira/browse/CXF-9015 Project: CXF Issue Type: Bug Reporter: Craig Perkins The JsonMapObjectReaderWriter class maintains a list of [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] which includes special characters that need to be escaped line the newline (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't find any links to official documentation about this character needing to be escaped. According to this [SO post|https://stackoverflow.com/a/27516892] which details escaped characters in JSON, it also does not include `\h` in this list. Issue in OpenSearch where this issue is discussed: [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] PR to address the issue with more details: https://github.com/apache/cxf/pull/1872 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9015) Typo in JsonMapObjectReaderWriter treats \h as a special character instead of \n
[ https://issues.apache.org/jira/browse/CXF-9015?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Craig Perkins updated CXF-9015: --- Summary: Typo in JsonMapObjectReaderWriter treats \h as a special character instead of \n (was: Typo JsonMapObjectReaderWriter treats \h as a special character instead of \n) > Typo in JsonMapObjectReaderWriter treats \h as a special character instead of > \n > > > Key: CXF-9015 > URL: https://issues.apache.org/jira/browse/CXF-9015 > Project: CXF > Issue Type: Bug >Reporter: Craig Perkins >Priority: Minor > > The JsonMapObjectReaderWriter class maintains a list of > [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] > which includes special characters that need to be escaped line the newline > (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't > find any links to official documentation about this character needing to be > escaped. > According to this [SO post|https://stackoverflow.com/a/27516892] which > details escaped characters in JSON, it also does not include `\h` in this > list. > Issue in OpenSearch where this issue is discussed: > [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] > > PR to address the issue with more details: > https://github.com/apache/cxf/pull/1872 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9014) org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK
[ https://issues.apache.org/jira/browse/CXF-9014?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Freeman Yue Fang updated CXF-9014: -- Attachment: bob-modified.jks request-with-comment.xml request-with-trailing-whitespace.xml > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK > > > Key: CXF-9014 > URL: https://issues.apache.org/jira/browse/CXF-9014 > Project: CXF > Issue Type: Test >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Priority: Minor > Attachments: bob-modified.jks, request-with-comment.xml, > request-with-trailing-whitespace.xml > > > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK. > In a full build of CXF 4.1.x (main) the SignatureWhitespaceTest suite will > fail when built on RH OpenJDK. > Likely due to certs/algorithms supported by RH (see CXF-9006). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9014) org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK
[ https://issues.apache.org/jira/browse/CXF-9014?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17846455#comment-17846455 ] Freeman Yue Fang commented on CXF-9014: --- Hi [~jgoodyear], Thanks for reporting this, I believe this is because in bob-modified.jks(used in SignatureWhitespaceTest) it use Subject Public Key Algorithm: 1024-bit RSA key (weak) and isn't allowed in modern JDK versions. So I regenerated bob-modified.jks with with RSA 2048/sha256. Please see attached affected files, could you please override the those in systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action folder and retest it? Thanks! Freeman > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK > > > Key: CXF-9014 > URL: https://issues.apache.org/jira/browse/CXF-9014 > Project: CXF > Issue Type: Test >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Priority: Minor > Attachments: bob-modified.jks, request-with-comment.xml, > request-with-trailing-whitespace.xml > > > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK. > In a full build of CXF 4.1.x (main) the SignatureWhitespaceTest suite will > fail when built on RH OpenJDK. > Likely due to certs/algorithms supported by RH (see CXF-9006). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9014) org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK
[ https://issues.apache.org/jira/browse/CXF-9014?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jamie Mark Goodyear updated CXF-9014: - Affects Version/s: 4.0.4 > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK > > > Key: CXF-9014 > URL: https://issues.apache.org/jira/browse/CXF-9014 > Project: CXF > Issue Type: Test >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Priority: Minor > > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK. > In a full build of CXF 4.1.x (main) the SignatureWhitespaceTest suite will > fail when built on RH OpenJDK. > Likely due to certs/algorithms supported by RH (see CXF-9006). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CXF-9014) org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK
Jamie Mark Goodyear created CXF-9014: Summary: org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK Key: CXF-9014 URL: https://issues.apache.org/jira/browse/CXF-9014 Project: CXF Issue Type: Test Reporter: Jamie Mark Goodyear org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK. In a full build of CXF 4.1.x (main) the SignatureWhitespaceTest suite will fail when built on RH OpenJDK. Likely due to certs/algorithms supported by RH (see CXF-9006). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9013) Add JAX-RS performance suite to benchmarks
[ https://issues.apache.org/jira/browse/CXF-9013?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17846329#comment-17846329 ] Jamie Mark Goodyear commented on CXF-9013: -- Conversation on CXF slack & PR comments: Move benchmarks to distribution samples folder as an end user tool. > Add JAX-RS performance suite to benchmarks > -- > > Key: CXF-9013 > URL: https://issues.apache.org/jira/browse/CXF-9013 > Project: CXF > Issue Type: Improvement >Reporter: Jamie Mark Goodyear >Priority: Minor > > Add JAX-RS suite to benchmarks. > CXF's benchmark performance suite currently includes JAX-WS based SOAP HTTP > Doc Lit. It would be nice to have a simple JAX-RS suite for rest verbs. -- This message was sent by Atlassian Jira (v8.20.10#820010)