Inconsistent/unnecessary escaping of characters in inputs

[nikku]

Describe the bug

As a user I want to pass special chars in strings (FEEL ref) in a way that I can consume them in a job worker.

I've defined the following input mappings:

name	value
dynamic_input	= "Hello\n\nYOU!"
static_input	Hello\n\nYOU!
static_input_explicit_newlines	HELLO<newline><newline>YOU!

Executing my process I receive the following input variable values in operate (but also in my process worker):

name	value
dynamic_input	"Hello\\n\\nYOU!"
static_input	"Hello\\\\n\\\\nYOU!"
static_input_explicit_newlines	"Hello\\n\\nYOU!"

As you can see inputs are escaped differently depending on whether I use \n encoded newlines or actual newline characters. Escaping happening in the first place is fine I believe as this is a JSON string and \\n is the standard way to encode newlines there.

To Reproduce

• Deploy + run test process
• See double escaping happening in string inputs

Expected behavior

We do the unescaping magic ourselves so that in user land no one needs to worry:

• I define an input mapping foo = "a\nb"
• In my job worker I see foo = "a\nb"

As a more user un-friendly alternative we could consider: String inputs are escaped like expression inputs (no double escaping), we clearly document how escaped strings shall be worked with (and how un-escaping has to be done in user land). This is closer to the existing behavior.

Log/Stacktrace

none.

Environment:

• OS: Linux
• Zeebe Version: 8.0.2
• Configuration: nothing special

Support:
SUPPORT-15887
SUPPORT-17621

Tasks

Preview Give feedback

1. Verify correct behaviour of input mappings after bump to FEEL 1.17.3 zeebe#15445
   area/test kind/bug version:8.4.0 version:8.4.0-alpha2 +4
   
2. Special characters in static inputs should not be escaped zeebe#15447
   kind/bug version:8.4.0 +2
   
3. Verify unicode characters are not escaped in input mappings zeebe#15446
   area/test component/zeebe impact/high kind/task +4
4. Highlight the new behavior change in the release notes
5. Inform the support team
6. Update the input mappings docs.

[nikku]

To add to this I see zeebe escaping unicode characters (i.e. 🤩) despite JSON having full unicode support.

Hello\n\nYOU! 🤩

turns into

"Hello\\n\\nYOU! \uD83E\uDD29"

---

"Hello\\n\\nYOU! 🤩" is a valid JSON string.

[nikku]

Is there a chance this can be fixed at some point? Or do we regard this as a nasty-bug-turned-public-api?

[menski]

@felix-mueller this is something which mostly effects connectors but it is very unexpected behavior. We would like to understand if you have any input on priority for this.

[felix-mueller]

It should be fixed at some point. Since we still need to root-cause and better understand the issue it is probably not S. We won't priotize it for the next few iterations (first we need to finish instance modification, DMN evaluation and delete definitions).

[menski]

Thanks Felix, I put the priority on "Later" for now

[darox]

I don't know whether I'm hitting the same issue. I'm using the Go client to ingest JSON formatted data into Zeebe. Jobs are failing due to escaped double quotes. If I set vars manually via simple-monitor everything works as expected.

[igpetrov]

Hi team, is there any ETA to fix this? It is affecting currently 3 connectors.

[felix-mueller]

@igpetrov currently we have planned to look into it after instance modification, DMN evaluation and Delete Definitions. these topics are scheduled to be included in our April minor release, so if we don't change priorities we probably will look at it in a few months.

from connectors perspective can we live with this for a few months?

[igpetrov]

Hi @felix-mueller, appreciate your update. Absolutely. Just wanted to understand the ETA. Thank you!

[tmetzke]

For reference, in Connectors, we currently do the following to work around this with data we receive as variables after Zeebe has processed the user input:

StringEscapeUtils.unescapeJson(jsonStringVariable)

This uses StringEscapeUtils from org.apache.commons:commons-text.

[nikku]

@felix-mueller The longer we keep such behavior in the core, the harder it will be for people to unbuild their hacks (trying to work with zeebe data). My 2️⃣ 🪙.

[nikku]

A similar issue is reported by a customer through SUPPORT-15887.

[nikku]

I've updated the issue with a clear expected behavior, reflecting https://jira.camunda.com/browse/SUPPORT-15887, but also #9859 (comment) have reported.

[menski]

Discussed in the planning meeting on 2023-02-17. Right now we don't have capacity to work on this, and deprioritize it as the customer has a workaround available.

[korthout]

When we work on this, we need to make sure not to break user space when backporting it to patches. We can do this by adding a configuration setting that allows switching between the current (broken) and new (fixed) behaviors. The default should stay the same in patch releases, but in a minor release we can change the default. This should be clearly communicated in the release notes (and blog) so users understand the change.

[abbasadel]

This issue was mentioned again in SUPPORT-17621 and blocking connectors team's here

[korthout]

When we resolve this issue, please verify whether the fix also resolves:

• EvaluateDecision request returns double quoted string #13551

[mschoe]

I run into this issue when using the GH outbound connector and create a new issue with a multi line description field. As this is a quite common use case I'm wondering when we are planning to provide a fix. @felix-mueller is this still scheduled for the 8.5 release in April 2024?

[christian-konrad]

Would https://github.com/camunda/product-hub/issues/1040 help here or is it just a quick fix on string behavior?

[saig0]

@nicpuppa started to work on this issue by fixing the escaping in the FEEL engine here. We plan to deliver a fix in one of the next patch releases. 🚀

@christian-konrad the FEEL templating is a bigger topic. Let's fix the issue with the escaping first. 👍

[christian-konrad]

Perfect @saig0 ! Thanks

[MaxTru]

Hi @abbasadel ,

according to the previous assessment this should have been fixed with this version bump. Can you verify from Zeebe perspective please and update this issue? Thanks

[megglos]

We need to clarify whether this change is breaking, especially in regards to present workaround in other components such as https://github.com/camunda/connector-slack/issues/48 &
https://github.com/camunda/connector-google-drive/issues/20
While for the REST connector no workaround seems to be in place and there a patch by zeebe would resolve the issue.

If it's breaking we may prefer to only release it in the next minor or at least coordinate with the affected components to remove the workaround applied for a patch. But then we have the risk that we have a dependency between patch levels of connectors and zeebe.

@abbasadel will sync with @saig0 on this tomorrow and ping back.

[abbasadel]

Hi everyone, this is Zeebe's assessment:

• The recent bug fix on the FEEL engine is not backward compatible from Zeebe's point of view. However, we believe, based on @saig0’s feedback and our tests, the impact on our users is low since the recommended workaround we provided was to use unescapeJson API from Apache Commons which handles breaking change.
• As the previous behavior was wrong, mentioning the new behavior change in the release notes and as an announcement would be needed
• This FEEL fix should resolve bug, to be validated by Connectors/Operate teams.
• The support team should also be aware of this FEEL behavior change once release

[MaxTru]

Hi everyone, this is Zeebe's assessment:

• The recent bug fix on the FEEL engine is not backward compatible from Zeebe's point of view. However, we believe, based on @saig0’s feedback and our tests, the impact on our users is low since the recommended workaround we provided was to use unescapeJson API from Apache Commons which handles breaking change.
• As the previous behavior was wrong, mentioning the new behavior change in the release notes and as an announcement would be needed
• This FEEL fix should resolve bug, to be validated by Connectors/Operate teams.
• The support team should also be aware of this FEEL behavior change once release

Thanks @abbasadel . Will you and the ZPA team please ensure that all these things happen? If so, can we please track this via a breakdown and DRI assignments? Why is the issue not in in progress and has no assignee?

[abbasadel]

@MaxTru, we will take care of this issue

[nicpuppa]

Hi everyone, as follow up I created 3 separate issues to reduce the scope and make easier to follow the progress:

• Verify correct behaviour of input mappings after bump to FEEL 1.17.3 -> this is a testing purpose issue, to verify that the new FEEL version has the correct behaviour
• Special characters in static inputs should not be escaped -> as mentioned also by @saig0 in this comment, characters in static input are still escaped. Static input are handled directly by Zeebe
• Verify unicode characters are not escaped in input mappings -> after resolving the feel issue related to unicode, on Zeebe we should verify that the behaviour is as expected (unicode characters should not be escaped)

In accordance with @abbasadel and @saig0 I will close this issue This issue is still open only for tracking purpose, I mistakenly closed the issue

[abbasadel]

Thanks, @nicpuppa, for the updates.

I added the sub-issues into the main issue description for clarity and tracking purpose

[abbasadel]

Hi everyone,

• The dynamic_input unnecessary escaping bug is currently resolved in Zeebe 8.3.4 release
• The bug fix is Verify correct behaviour of input mappings after bump to FEEL 1.17.3 #15445 resolves the connectors team bug. Thanks @saig0 and @nicpuppa
• The corrected behavior change is highlighted in the release notes. Thanks @saig0 for the wording.
• The support team is informed about the corrected behavior change
• Next action: Update input mappings docs as suggested by @akeller

[akeller]

@abbasadel will this be included with the alpha release next week? Since this is a Zeebe task, I'm not sure what the expectation is. When you open your docs PR, please follow our PR template so we can review ASAP if you want it reviewed, merged, and published on Tuesday.

[abbasadel]

Thanks @akeller. The docs PR is already merged

[npepinpe]

It seems this can be closed as done? @nicpuppa ?

[nicpuppa]

It seems this can be closed as done? @nicpuppa ?

Sorry, I missed the comment @npepinpe 🙇 . There is still a task to be completed, that is blocked by this FEEL issue