Right now, this will succeed, returning all facts, and it shouldn't: {code}curl -X GET http://localhost:8080/pdb/query/v4?pretty=true --data-urlencode 'query=["from","facts"] ["not" ["=", "certname", "security-sensitive-host"]]' {code}
Another example: {code:java}curl -X GET http://localhost:8080/pdb/query/v4?pretty=true --data-urlencode 'query=["from","facts"] this-is-trailing-garbage-and-not-part-of-the-query' {code}
Right now, this will succeed, returning all facts, and it shouldn't: {code}curl -X GET http://localhost:8080/pdb/query/v4?pretty=true --data-urlencode 'query=["from","facts"] ["not" ["=", "certname", "security-sensitive-host"]]' {code}
In the example above there isn't an enclosing set of brackets so there are two ast forms submitted but only the first is evaluated.
Another example: {code:java}curl -X GET http://localhost:8080/pdb/query/v4?pretty=true --data-urlencode 'query=["from","facts"] this-is-trailing-garbage-and-not-part-of-the-query' {code}
Right now, this will succeed, returning all facts, and it shouldn't: {code}curl -X GET http://localhost:8080/pdb/query/v4?pretty=true --data-urlencode 'query=["from","facts"] ["not" ["=", "certname", "security-sensitive-host"]]' {code}
In the example above there isn't an enclosing set of brackets so there are two ast forms submitted but only the first ["from", "facts"] is evaluated.
Another example: {code:java}curl -X GET http://localhost:8080/pdb/query/v4?pretty=true --data-urlencode 'query=["from","facts"] this-is-trailing-garbage-and-not-part-of-the-query' {code}
Right now, this will succeed, returning all facts, and it shouldn't: {code}curl -X GET http://localhost:8080/pdb/query/v4?pretty=true --data-urlencode 'query=["from","facts"] ["not" ["=", "certname", "security-sensitive-host"]]' {code} In the example above there isn't an enclosing set of brackets so there are two ast forms submitted but only the first ["from", "facts"] is evaluated.
Another example:
{code:java}curl -X GET http://localhost:8080/pdb/query/v4?pretty=true --data-urlencode 'query=["from","facts"] this-is-trailing-garbage-and-not-part-of-the-query-that-gets-evaluated' {code}
Right now, this will succeed, returning all facts, and it shouldn't: {code}curl -X GET http://localhost:8080/pdb/query/v4?pretty=true --data-urlencode 'query=["from","facts"] ["not" ["=", "certname", "security-sensitive-host"]]' {code} In the example above there isn't an enclosing set of brackets so there are two ast forms submitted but only the first ["from", "facts"] is evaluated.
Another example: {code:java}curl -X GET http://localhost:8080/pdb/query/v4?pretty=true --data-urlencode 'query=["from","facts"] this-is-trailing-garbage-and-not-part-of-the-query-that-gets-evaluated' {code}