On 2020-09-15 04:25, Florian Obser wrote:
> On Mon, Sep 14, 2020 at 04:26:20PM -0500, Rafael Possamai wrote:
>>> please dont drop the all buffer , or keep it with -vv ?
>>> example : warnx("%s: bad JSON object:%s", p->newaccount, c->buf.buf);
>>>
>>> i don't want to ktrace it to see why the new certbot version is not working
>>
>> Yeah, I think it's good to have the choice to inspect the vomit, maybe you
>> stumble upon some useful nuggets for troubleshooting an obscure issue.
>>
>> I believe the JSON output is valid, just not pretty. Maybe we could add
>> syntax highlighting? (just kidding)
>>
>
> I don't understand what you people are going on about, I didn't touch
> the -v output. You can still roll around in json.
>
> It's not about if it's valid json or not, it's untrusted input that we
> spit on your console when used with -v.
Simple fix: ensure that all control characters are represented as
Unicode escape sequences. I believe that the JSON spec requires
this anyway.
