CSV-Importer: parameter of Env.parseContext not quoted

Description

In an importer run for businesspartners I got the following log messages:

All these values look like the domain part of email addresses from my business partners. It seems that the "@" sign in the mail confuses the context parser. AFAIS this should not happen and the used text should be quoted somehow.

Environment

The parser need improvement to be able to ignore '@' in quoted string and not to parse @ coming from non AD data.

Activity

Show:
Thomas Bayen
June 7, 2013, 9:37 PM

I did set a breakpoint at Env.parseContext() and got the following stacktrace in the Eclipse Debugger:

It seems that GridTable.dataRequery got a where string that was

Later this string is parsed for Context Variables. In my opinion it is strange to parse the content of a data column for Context Variables. This can lead to security problems. At the moment I do not know in which situation this context parsing is really used. I don't want to touch it before I understand this better. Perhaps someone knows whether dataRequery really needs that.

Diego Ruiz
April 24, 2020, 3:54 PM

Hi ,

I tried to replicate this bug and couldn’t do it. I imported several business partners with email addresses as the name and value, they all imported properly, no errors thrown.

 

Maybe this ticket can be closed?

Regards,

Diego Ruiz

Carlos Ruiz
April 24, 2020, 4:56 PM

probably solved in another ticket - closing as not reproducible

Assignee

Diego Ruiz

Reporter

Thomas Bayen

Labels

Tested By

None

Fix versions

Affects versions

Priority

Minor
Configure