Serializing an exception as JSON does not correctly escape quotes within codeprinthtml

Description

Calling serializejson on a caught exception variable, results in any double quote characters within the codeprinthtml values within the stack trace to not be escaped.

See output from https://trycf.com/gist/64c921693ceafa89ce5f7a22d3071eca/lucee5?theme=monokai

<cfscript> try{ throw(message="Oops", detail="xyz"); } catch (any e) { jsExc = serializejson(e); } </cfscript> <cfoutput> <textarea rows="40" cols="100">#jsExc#</textarea> </cfoutput>

… there should be a \ before char 667, 672, 682, and 686 - and so on for any other codeprinthtml values within the output.

I've not been able to reproduce this with a simpler (and non exception-related) use case... not sure if this is specific to serialization of an exception, or if there if this is a more general exception.

Environment

None

Activity

Brad Wood 
5 October 2017 at 18:47

I just said this in Slack, but I don't think this is a bug any longer. The quotes are being stored in the original exception as &quot; and you're not encoding the JSON for HTML when outputting it in your example.

Cannot Reproduce

Details

Assignee

Reporter

Priority

New Issue warning screen

Before you create a new Issue, please post to the mailing list first https://dev.lucee.org

Once the issue has been verified, one of the Lucee team will ask you to file an issue

Affects versions

Created 5 October 2017 at 18:18
Updated 5 October 2017 at 18:47
Resolved 5 October 2017 at 18:47