In an importer run for businesspartners I got the following log messages:
All these values look like the domain part of email addresses from my business partners. It seems that the "@" sign in the mail confuses the context parser. AFAIS this should not happen and the used text should be quoted somehow.
The parser need improvement to be able to ignore '@' in quoted string and not to parse @ coming from non AD data.
I did set a breakpoint at Env.parseContext() and got the following stacktrace in the Eclipse Debugger:
It seems that GridTable.dataRequery got a where string that was
Later this string is parsed for Context Variables. In my opinion it is strange to parse the content of a data column for Context Variables. This can lead to security problems. At the moment I do not know in which situation this context parsing is really used. I don't want to touch it before I understand this better. Perhaps someone knows whether dataRequery really needs that.
I tried to replicate this bug and couldn’t do it. I imported several business partners with email addresses as the name and value, they all imported properly, no errors thrown.
Maybe this ticket can be closed?
probably solved in another ticket - closing as not reproducible