Difference between revisions of "Galaxy Tool Tips and Troubleshooting"
From Ucsbgalaxy
(Created page with "== Escaped Characters == When Galaxy runs string values from the UI in a command for a tool, it first escapes some characters to protect against injection attacks. For instance,…") |
(→Escaped Characters) |
||
| Line 1: | Line 1: | ||
== Escaped Characters == | == Escaped Characters == | ||
| − | When Galaxy | + | When Galaxy submits string values from the UI to a tool's config file, it first escapes some characters to protect against injection attacks. |
| − | For instance, if a user inputs the character '#' Galaxy will convert it into '__pd__' before | + | For instance, if a user inputs the character '#' Galaxy will convert it into '__pd__' before passing the string into a tool's XML config variables. |
As of yet, this is undocumented behavior. The full list of escaped characters can be found in galaxy-dist/lib/galaxy/util/__init__.py under the name mapped_chars. | As of yet, this is undocumented behavior. The full list of escaped characters can be found in galaxy-dist/lib/galaxy/util/__init__.py under the name mapped_chars. | ||
| Line 22: | Line 22: | ||
'#' : '__pd__' | '#' : '__pd__' | ||
} | } | ||
| + | |||
| + | The only known documentation of this behavior: http://gmod.827538.n3.nabble.com/inputs-sanitization-td2664336.html | ||
Revision as of 01:08, 24 November 2011
Escaped Characters
When Galaxy submits string values from the UI to a tool's config file, it first escapes some characters to protect against injection attacks.
For instance, if a user inputs the character '#' Galaxy will convert it into '__pd__' before passing the string into a tool's XML config variables.
As of yet, this is undocumented behavior. The full list of escaped characters can be found in galaxy-dist/lib/galaxy/util/__init__.py under the name mapped_chars.
For reference the full list as of 11/23/2011 is:
mapped_chars = { '>' :'__gt__',
'<' :'__lt__',
"'" :'__sq__',
'"' :'__dq__',
'[' :'__ob__',
']' :'__cb__',
'{' :'__oc__',
'}' :'__cc__',
'@' : '__at__',
'\n' : '__cn__',
'\r' : '__cr__',
'\t' : '__tc__',
'#' : '__pd__'
}
The only known documentation of this behavior: http://gmod.827538.n3.nabble.com/inputs-sanitization-td2664336.html
