data sanitization in feed_action_add.py example

Question

data sanitization in feed_action_add.py example

Opened this issue 9 years ago · 0 comments

this command:

python feed_action_add.py -c https://cbserver -a "API" -n -i 15 -t 3 -e "me@example.com <me@example.com>"

results int he following in watchlist_action_settings:

cb=# select * from watchlist_action_settings where id=15;
 id | group_id | watchlist_id | action_type |                            action_data
----+----------+--------------+-------------+--------------------------------------------------------------------
 15 |       15 |              |           3 | {"email_recipients":[m,e@,e,x,a,m,p,l,e,.,c,o,m]}

trying to delete the feed via api fails and rendering of the feeds page in the UI also fails. CB Server API should not allow that to occur, but the example script should/could be more defensive as well.