[#2857] - Unable to delete Data Sources

Category:
Bug report
Priority:
Normal
Status:
New
Project: Severity:
Minor
Resolution:
Open
Component: Reproducibility:
N/A
Assigned to:
0

I have set up a new install of Jasper Server version 5.0. I have found that when I try and delete any Data Sources I get the following exception:

2013-04-02 14:40:41,091 WARN [http-apr-8080-exec-3] IntrusionDetector: [SECURITY FAILURE Anonymous:null@unknown -> /ExampleApplication/IntrusionDetector] Invalid input: context=Dashboard_context, type(AlphaDotUnderscore)=^[\p{L}\p{M}_\.]*$, input=JDBC Data Source
org.owasp.esapi.errors.ValidationException: Dashboard_context: Invalid input. Please conform to regex ^[\p{L}\p{M}_\.]*$ with a maximum length of 200
at org.owasp.esapi.reference.validation.StringValidationRule.checkWhitelist(StringValidationRule.java:144)
at org.owasp.esapi.reference.validation.StringValidationRule.getValid(StringValidationRule.java:306)
at org.owasp.esapi.reference.DefaultValidator.getValidInput(DefaultValidator.java:213)
at org.owasp.esapi.reference.DefaultValidator.isValidInput(DefaultValidator.java:152)
at com.jaspersoft.jasperserver.api.security.validators.Validator.isParamValueValid(Validator.java:366)
at com.jaspersoft.jasperserver.api.security.validators.Validator$1.call(Validator.java:301)
at com.jaspersoft.jasperserver.api.security.validators.Validator$1.call(Validator.java:290)
at com.jaspersoft.jasperserver.core.util.JSONUtil.applyFunctorToJsonRecursively(JSONUtil.java:102)
at com.jaspersoft.jasperserver.core.util.JSONUtil.applyFunctorToJson(JSONUtil.java:64)
at com.jaspersoft.jasperserver.api.security.validators.Validator.validateRequestParams(Validator.java:290)
at com.jaspersoft.jasperserver.api.security.WebAppSecurityFilter.doFilter(WebAppSecurityFilter.java:73)

v5.0.0
JasperReports Server
jonathan_r's picture
Joined: Apr 2 2013 - 7:20am
Last seen: 6 years 10 months ago

1 Comment:

#1
  • Assigned:nobody»

I have worked around this by disabling input validation, however, this is far from ideal.

Feedback