Skip to content

Commit

Permalink
Fixes #26151: UTF-8 chars are HTML escaped when used in policy variables
Browse files Browse the repository at this point in the history
  • Loading branch information
Fdall committed Jan 10, 2025
1 parent a30d950 commit 26eee7a
Show file tree
Hide file tree
Showing 6 changed files with 56 additions and 56 deletions.
20 changes: 10 additions & 10 deletions policies/rudderc/src/backends/windows.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -377,20 +377,20 @@ mod tests {
assert_eq!(res, r);

let c = "${var}";
let r = "([Rudder.Condition]::canonify([Rudder.Datastate]::Render('{{' + @'\n\
let r = "([Rudder.Condition]::canonify([Rudder.Datastate]::Render('{{&' + @'\n\
vars.var\n\
'@ + '}}')))";
let res = canonify_condition(c).unwrap();
assert_eq!(res, r);

let c = "${my_cond}.debian|${sys.${plouf}}";
let r = r#"([Rudder.Condition]::canonify(([Rudder.Datastate]::Render('{{' + @'
let r = r#"([Rudder.Condition]::canonify(([Rudder.Datastate]::Render('{{&' + @'
vars.my_cond
'@ + '}}')) + @'
.debian|
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.
'@ + [Rudder.Datastate]::Render('{{' + @'
'@ + [Rudder.Datastate]::Render('{{&' + @'
vars.plouf
'@ + '}}') + '}}'))))"#;
let res = canonify_condition(c).unwrap();
Expand Down Expand Up @@ -463,7 +463,7 @@ a simple test
assert_eq!(
"@'
a less simple
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.plouf.plouf
'@ + '}}')) + @'
test
Expand All @@ -480,7 +480,7 @@ vars.plouf.plouf
assert_eq!(
"@'
a less simple
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.technique_id.param1
'@ + '}}')) + @'
test
Expand All @@ -497,7 +497,7 @@ vars.technique_id.param1
assert_eq!(
"@'
a less simple
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.plouf.param1
'@ + '}}')) + @'
test
Expand All @@ -514,7 +514,7 @@ vars.plouf.param1
assert_eq!(
"@'
a less simple
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.param1or2
'@ + '}}')) + @'
test
Expand All @@ -531,7 +531,7 @@ vars.param1or2
assert_eq!(
"@'
a less simple
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.host
'@ + '}}')) + @'
test
Expand All @@ -548,7 +548,7 @@ vars.sys.host
assert_eq!(
"@'
a less simple
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.const.n
'@ + '}}')) + @'
test
Expand Down
34 changes: 17 additions & 17 deletions policies/rudderc/src/ir/value.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ pub fn known_vars() -> &'static serde_yaml::Value {
}

fn nustache_render(s: &str) -> String {
format!("[Rudder.Datastate]::Render('{{{{' + {} + '}}}}')", s)
format!("[Rudder.Datastate]::Render('{{{{&' + {} + '}}}}')", s)
}

/// Rudder variable expression.
Expand Down Expand Up @@ -806,7 +806,7 @@ mod tests {
a.fmt(Target::Windows),
r###"@'
/bin/true "#
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.node.inventory.os.fullName
'@ + '}}')) + @'
"
Expand All @@ -820,7 +820,7 @@ vars.node.inventory.os.fullName
assert_eq!(b.fmt(Target::Unix), "${node.properties[a][b]}");
assert_eq!(
b.fmt(Target::Windows),
r#"[Rudder.Datastate]::Render('{{' + @'
r#"[Rudder.Datastate]::Render('{{&' + @'
vars.node.properties.a.b
'@ + '}}')"#
);
Expand All @@ -829,7 +829,7 @@ vars.node.properties.a.b
assert_eq!(c.fmt(Target::Unix), "${sys.host}");
assert_eq!(
c.fmt(Target::Windows),
r#"[Rudder.Datastate]::Render('{{' + @'
r#"[Rudder.Datastate]::Render('{{&' + @'
vars.sys.host
'@ + '}}')"#
);
Expand All @@ -850,11 +850,11 @@ host
assert_eq!(d.fmt(Target::Unix), "${node.properties[inner${sys.host}]}");
assert_eq!(
d.fmt(Target::Windows),
r#"[Rudder.Datastate]::Render('{{' + @'
r#"[Rudder.Datastate]::Render('{{&' + @'
vars.node.properties.
'@ + @'
inner
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.host
'@ + '}}')) + '}}')"#
);
Expand All @@ -867,11 +867,11 @@ vars.sys.host
])]);
assert_eq!(
dd.fmt(Target::Windows),
r#"[Rudder.Datastate]::Render('{{' + @'
r#"[Rudder.Datastate]::Render('{{&' + @'
vars.node.properties.
'@ + @'
inner
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.
'@ + @'
host
Expand All @@ -886,7 +886,7 @@ host
assert_eq!(ee.fmt(Target::Unix), "${node.properties[interfaces][eth0]}");
assert_eq!(
ee.fmt(Target::Windows),
r#"[Rudder.Datastate]::Render('{{' + @'
r#"[Rudder.Datastate]::Render('{{&' + @'
vars.node.properties.
'@ + @'
interfaces
Expand Down Expand Up @@ -914,17 +914,17 @@ eth0
]);
assert_eq!(
e.fmt(Target::Windows),
r#"[Rudder.Datastate]::Render('{{' + @'
r#"[Rudder.Datastate]::Render('{{&' + @'
vars.node.properties.
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.node.properties.
'@ + @'
inner
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.
'@ + @'
host
'@ + '}}')) + ([Rudder.Datastate]::Render('{{' + @'
'@ + '}}')) + ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.
'@ + @'
interfaces
Expand All @@ -950,9 +950,9 @@ tutu
])])]);
assert_eq!(
e.fmt(Target::Windows),
r#"([Rudder.Datastate]::Render('{{' + @'
r#"([Rudder.Datastate]::Render('{{&' + @'
vars.sys.
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.
'@ + @'
host
Expand All @@ -965,7 +965,7 @@ host
]);
assert_eq!(
e.fmt(Target::Windows),
r#"[Rudder.Datastate]::Render('{{' + @'
r#"[Rudder.Datastate]::Render('{{&' + @'
vars.bundle.plouf.key
'@ + '}}')"#
.to_string()
Expand All @@ -980,7 +980,7 @@ vars.bundle.plouf.key
f.fmt(Target::Windows),
r#"@'
bundle.plouf is
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.bundle.plouf
'@ + '}}'))"#
.to_string()
Expand Down
42 changes: 21 additions & 21 deletions policies/rudderc/tests/cases/general/escaping/technique.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,13 +27,13 @@

$reportId=$reportIdBase + "a86ce2e5-d5b6-45cc-87e8-c11cca71d966"
try {
$componentKey = ([Rudder.Datastate]::Render('{{' + @'
$componentKey = ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.host
'@ + '}}')) + @'
. | /
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.
'@ + [Rudder.Datastate]::Render('{{' + @'
'@ + [Rudder.Datastate]::Render('{{&' + @'
vars.host
'@ + '}}') + '}}')) + @'
' '' ''' $ $$ " "" \ \\😋aà3
Expand All @@ -42,13 +42,13 @@ vars.host
$reportParams = @{
ClassPrefix = ([Rudder.Condition]::canonify(("package_present_" + $componentKey)))
ComponentKey = $componentKey
ComponentName = ([Rudder.Datastate]::Render('{{' + @'
ComponentName = ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.host
'@ + '}}')) + @'
. | /
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.
'@ + [Rudder.Datastate]::Render('{{' + @'
'@ + [Rudder.Datastate]::Render('{{&' + @'
vars.host
'@ + '}}') + '}}')) + @'
' '' ''' $ $$ " "" \ \\😋aà3
Expand All @@ -60,25 +60,25 @@ vars.host
TechniqueName = $techniqueName
}

$class = ([Rudder.Condition]::canonify(([Rudder.Datastate]::Render('{{' + @'
$class = ([Rudder.Condition]::canonify(([Rudder.Datastate]::Render('{{&' + @'
vars.my_cond
'@ + '}}')) + @'
.debian|
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.
'@ + [Rudder.Datastate]::Render('{{' + @'
'@ + [Rudder.Datastate]::Render('{{&' + @'
vars.plouf
'@ + '}}') + '}}'))))
if ([Rudder.Datastate]::Evaluate($class)) {
$methodParams = @{
Architecture = ''
Name = ([Rudder.Datastate]::Render('{{' + @'
Name = ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.host
'@ + '}}')) + @'
. | /
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.
'@ + [Rudder.Datastate]::Render('{{' + @'
'@ + [Rudder.Datastate]::Render('{{&' + @'
vars.host
'@ + '}}') + '}}')) + @'
' '' ''' $ $$ " "" \ \\😋aà3
Expand Down Expand Up @@ -117,13 +117,13 @@ if(Get-Service "Zabbix agent") { write-output "exists" }

$reportId=$reportIdBase + "a86ce2e5-d5b6-45cc-87e8-c11cca71d977"
try {
$componentKey = ([Rudder.Datastate]::Render('{{' + @'
$componentKey = ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.host
'@ + '}}')) + @'
. | /
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.
'@ + [Rudder.Datastate]::Render('{{' + @'
'@ + [Rudder.Datastate]::Render('{{&' + @'
vars.host
'@ + '}}') + '}}')) + @'
' '' ''' $ $$ " "" \ \\😋aà3
Expand All @@ -132,13 +132,13 @@ vars.host
$reportParams = @{
ClassPrefix = ([Rudder.Condition]::canonify(("package_present_" + $componentKey)))
ComponentKey = $componentKey
ComponentName = ([Rudder.Datastate]::Render('{{' + @'
ComponentName = ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.host
'@ + '}}')) + @'
. | /
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.
'@ + [Rudder.Datastate]::Render('{{' + @'
'@ + [Rudder.Datastate]::Render('{{&' + @'
vars.host
'@ + '}}') + '}}')) + @'
' '' ''' $ $$ " "" \ \\😋aà3
Expand All @@ -152,13 +152,13 @@ vars.host

$methodParams = @{
Architecture = ''
Name = ([Rudder.Datastate]::Render('{{' + @'
Name = ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.host
'@ + '}}')) + @'
. | /
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.sys.
'@ + [Rudder.Datastate]::Render('{{' + @'
'@ + [Rudder.Datastate]::Render('{{&' + @'
vars.host
'@ + '}}') + '}}')) + @'
' '' ''' $ $$ " "" \ \\😋aà3
Expand Down
4 changes: 2 additions & 2 deletions policies/rudderc/tests/cases/general/ntp/technique.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ htop
try {
$componentKey = @'
/bin/true "#
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.node.inventory.os.fullName
'@ + '}}')) + @'
"
Expand All @@ -102,7 +102,7 @@ vars.node.inventory.os.fullName
$methodParams = @{
Name = @'
/bin/true "#
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.node.inventory.os.fullName
'@ + '}}')) + @'
"
Expand Down
4 changes: 2 additions & 2 deletions policies/rudderc/tests/cases/general/param_in_condition/technique.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
try {
$componentKey = @'
/tmp/
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.param_in_condition.file
'@ + '}}'))
$reportParams = @{
Expand Down Expand Up @@ -77,7 +77,7 @@ vars.param_in_condition.file

$class = ([Rudder.Condition]::canonify(@'
file_check_exists__tmp_
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.param_in_condition.file
'@ + '}}')) + @'
_kept
Expand Down
8 changes: 4 additions & 4 deletions policies/rudderc/tests/cases/general/variables/technique.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,25 +47,25 @@ true
foo foobar
# With parameter
foo
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.test_windows.content
'@ + '}}')) + @'
foobar
# With a var looking like a parameter
foo
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.contentbis
'@ + '}}')) + @'
# With a const
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.const.n
'@ + '}}')) + @'
# With node properties
'@ + ([Rudder.Datastate]::Render('{{' + @'
'@ + ([Rudder.Datastate]::Render('{{&' + @'
vars.node.properties.name.key
'@ + '}}'))
Path = @'
Expand Down

0 comments on commit 26eee7a

Please sign in to comment.