Skip to content

Schema validation for format uri allows non ASCII chars #641

New issue
New issue
Open
1 of 1 issue completed
Open
Schema validation for format uri allows non ASCII chars#641
1 of 1 issue completed
Labels
service+dev
@bernhardreiter

Description

@bernhardreiter
bernhardreiter
opened on Jun 12, 2025

An uri with a non ASCII character like ® is not detected by the json schema libary we use.

The case is reported upstream with a suggested fix from us: santhosh-tekuri/jsonschema#226

Here is the CSAF 2.0 real world url that triggered the investiation in #474 (see more details there).

{
  "document": {
    "category": "csaf_base",
    "csaf_version": "2.0",
    "publisher": {
      "category": "other",
      "name": "Test",
      "namespace": "https://www.example.com"
    },
    "references": [
      {
        "summary": "Invalid URL",
        "url": "https://security.business.xerox.com/wp-content/uploads/2022/11/Xerox-Security-Bulletin-XRX22-026-FreeFlow®-Print-Server-v7.pdf"
      }
    ],
    "title": "Testfile with invalid URI",
    "tracking": {
      "current_release_date": "2023-11-30T12:25:34.622Z",
      "generator": {
        "date": "2023-11-30T12:27:08.481Z",
        "engine": {
          "name": "Secvisogram",
          "version": ".2.2.15"
        }
      },
      "id": "Test-2023-11-30",
      "initial_release_date": "2023-11-30T12:25:34.622Z",
      "revision_history": [
        {
          "date": "2023-11-30T12:25:34.622Z",
          "number": "1",
          "summary": "Initial version."
        }
      ],
      "status": "draft",
      "version": "1"
    }
  }
}

Originally posted by @tschmidtb51 in #474

Sub-issues

Metadata

Metadata

Assignees

No one assigned

    Labels

    service+dev

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions