Controlling Escaped Characters in string fields

Questions
1

Hi all,

I’m trying to develop a new node using the declarative style and I’m running into a few issues with controlling the characters that get escaped as a string field is processed by n8n.

Describe the problem/error/question

I’ve got this code block here for my query string parameters (See at the bottom). In short, my goal is to allow a fixed collection so I don’t have to add UI elements for every single filtering option.

The Problem
I need to be able to parse the following URL query string to the API endpoint:
/indicators?$filter=action+eq+'AlertAndBlock'

When I try this in the UI this is what I enter.

image
image776×1298 40 KB

Ultimately this is the escaped URL that n8n produces.
/indicators?%24filter=action%2Beq%2B%27AlertAndBlock%27

The API endpoint returns the following issue:

{
    "error": {
        "code": "",
        "message": "The query specified in the URI is not valid. Syntax error: character '+' is not valid at position 9 in 'action eq+'AlertAndBlock''.",
        "details": []
    }
}

Question
What’s the best way to handle what gets escaped by n8n on the input field? Ideally, I’d like to be able to ensure the “+” symbol isn’t escaped. Is there an easy way to do that?

Thanks for your assistance!

List of filtering options
The OData’s $filter query is supported on: application , createdByDisplayName , expirationTime , generateAlert , title , rbacGroupNames , rbacGroupIds , indicatorValue , indicatorType , creationTimeDateTimeUtc , createdBy , action , and severity properties.

Doco reference: List Indicators API | Microsoft Learn

Code block of Fields

{
		name: 'arguments',
		default: {},
		description: "The request's query parameters",
		displayName: 'Query Parameters',
		displayOptions: {
			show: {
				resource: ['indicator'],
				operation: ['getall'],
			},
		},
		options: [
			{
				name: 'keyvalue',
				displayName: 'Key:Value',
				values: [
					{
						displayName: 'Key',
						name: 'key',
						type: 'string',
						default: '',
						required: true,
						description: 'Key of query parameter',
					},
					{
						displayName: 'Value',
						name: 'value',
						type: 'string',
						default: '',
						routing: {
							send: {
								property: '={{$parent.key}}',
								type: 'query',
							},
						},
						required: true,
						description: 'Value of query parameter',
					},
				],
			},
		],
		type: 'fixedCollection',
		typeOptions: {
			multipleValues: true,
		},
	},
2

Now that is a good question and unfortunately I do not know the answer to this. Perhaps our chief node builder @marcus can help with properly escaping data in a declarative style node?

4

Hi @Faintiz,
yes n8n does encode url parameters by default, which should work so it’s a bit strange.

  • Are you sending your query to the correct endpoint?
  • Why does the error response action eq+'AlertAndBlock' ignore/remove the first + sign?
  • Did you try executing your query without the plus signs? Does that work?
1 Like
5

Hi @marcus,

I’ve gone through a few extra tests and unfortunately, the API endpoint requires the literal “+” sign otherwise it returns an error. Any Idea on how I could get a work around working?

Test One - Working with literal ‘+’
URL: https://api.securitycenter.microsoft.com/api/indicators?$filter=action+eq+‘AlertAndBlock’
Result:

{
    "@odata.context": "https://api.securitycenter.microsoft.com/api/$metadata#Indicators",
    "value": []
}

Ignore the empty Value response, it’s expected as I don’t have any indicators of that type.

Test Two - Not working default escaping via n8n
URL: https://api.securitycenter.microsoft.com/api/indicators?%24filter=action%2Beq%2B'AlertAndBlock'
Result:

{
    "error": {
        "code": "",
        "message": "The query specified in the URI is not valid. Syntax error: character '+' is not valid at position 6 in 'action+eq+'AlertAndBlock''.",
        "details": []
    }
}

Test Three - Executing without the plus signs via n8n
URL: https://api.securitycenter.microsoft.com/api/indicators?%24filter=actioneq'AlertAndBlock'
Results:

{
    "error": {
        "code": "",
        "message": "The query specified in the URI is not valid. Unrecognized 'Edm.String' literal 'actioneq'AlertAndBlock'' at '0' in 'actioneq'AlertAndBlock''.",
        "details": []
    }
}

Thanks Faintiz

6

So I managed to work out what I was doing wrong. Reading through the OData V4 documentation it became apparent that putting in a literal + character while it worked, wasn’t quite right. Really it’s just a space on either side of your logical operator.

Here are some of their examples:

http://host/service/Products?$filter=Name eq ‘Milk’

and

http://host/service/Products?$filter=Name ne ‘Milk’

Final Result
Using Spaces
URL: https://api.securitycenter.microsoft.com/api/indicators?$filter=action eq ‘AlertAndBlock’
Result:

{
    "@odata.context": "https://api.securitycenter.microsoft.com/api/$metadata#Indicators",
    "value": []
}

Using Literal + Signs
URL: https://api.securitycenter.microsoft.com/api/indicators?$filter=action+eq+‘AlertAndBlock’
Results:

{
    "@odata.context": "https://api.securitycenter.microsoft.com/api/$metadata#Indicators",
    "value": []
}

Thanks again for your help!

3 Likes
7

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.