Skip to content

[v3-3-test] Reject reserved XCom serialization keys submitted as JSON string literals (#69378)#69462

Merged
potiuk merged 1 commit into
v3-3-testfrom
backport-aae7c8f-v3-3-test
Jul 6, 2026
Merged

[v3-3-test] Reject reserved XCom serialization keys submitted as JSON string literals (#69378)#69462
potiuk merged 1 commit into
v3-3-testfrom
backport-aae7c8f-v3-3-test

Conversation

@github-actions

@github-actions github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

The XCom create/update payload validator _check_forbidden_xcom_keys
recursively rejects reserved serialization keys (classname, __type,
__var, ...) in dict/list values. Its _walk helper descended dicts, lists
and tuples but not str, so a value submitted as a JSON string literal
(e.g. json.dumps({"classname": ...})) was stored verbatim and re-parsed
into a dict on a ?deserialize=true read, slipping past the filter.

Extend _walk to json.loads a string value and inspect the decoded dict/list
the same way the read path does. Strings that are not JSON, or that decode
to non-container values, are unchanged and still accepted.
(cherry picked from commit aae7c8f)

Co-authored-by: Jarek Potiuk jarek@potiuk.com
Generated-by: Claude Opus 4.8 (1M context) following the guidelines at
https: //github.com/apache/airflow/blob/main/contributing-docs/05_pull_requests.rst#gen-ai-assisted-contributions

… string literals (#69378)

The XCom create/update payload validator _check_forbidden_xcom_keys
recursively rejects reserved serialization keys (__classname__, __type,
__var, ...) in dict/list values. Its _walk helper descended dicts, lists
and tuples but not str, so a value submitted as a JSON string literal
(e.g. json.dumps({"__classname__": ...})) was stored verbatim and re-parsed
into a dict on a ?deserialize=true read, slipping past the filter.

Extend _walk to json.loads a string value and inspect the decoded dict/list
the same way the read path does. Strings that are not JSON, or that decode
to non-container values, are unchanged and still accepted.
(cherry picked from commit aae7c8f)

Co-authored-by: Jarek Potiuk <jarek@potiuk.com>
Generated-by: Claude Opus 4.8 (1M context) following the guidelines at
https: //github.com/apache/airflow/blob/main/contributing-docs/05_pull_requests.rst#gen-ai-assisted-contributions
@potiuk potiuk force-pushed the backport-aae7c8f-v3-3-test branch from cf8a7d4 to d5d4b1c Compare July 6, 2026 20:04
@potiuk potiuk merged commit 60ca576 into v3-3-test Jul 6, 2026
71 checks passed
@potiuk potiuk deleted the backport-aae7c8f-v3-3-test branch July 6, 2026 21:09
@github-actions github-actions Bot added this to the Airflow 3.3.1 milestone Jul 6, 2026
@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor Author

Hi maintainer, this PR was merged without a milestone set.
We've automatically set the milestone to Airflow 3.3.1 based on: merged to version branch
If this milestone is not correct, please update it to the appropriate milestone.

This comment was generated by Milestone Tag Assistant.

vatsrahul1001 pushed a commit that referenced this pull request Jul 7, 2026
… string literals (#69378) (#69462)

The XCom create/update payload validator _check_forbidden_xcom_keys
recursively rejects reserved serialization keys (__classname__, __type,
__var, ...) in dict/list values. Its _walk helper descended dicts, lists
and tuples but not str, so a value submitted as a JSON string literal
(e.g. json.dumps({"__classname__": ...})) was stored verbatim and re-parsed
into a dict on a ?deserialize=true read, slipping past the filter.

Extend _walk to json.loads a string value and inspect the decoded dict/list
the same way the read path does. Strings that are not JSON, or that decode
to non-container values, are unchanged and still accepted.
(cherry picked from commit aae7c8f)


Generated-by: Claude Opus 4.8 (1M context) following the guidelines at
https: //github.com/apache/airflow/blob/main/contributing-docs/05_pull_requests.rst#gen-ai-assisted-contributions

Co-authored-by: Jarek Potiuk <jarek@potiuk.com>
vatsrahul1001 pushed a commit that referenced this pull request Jul 9, 2026
… string literals (#69378) (#69462)

The XCom create/update payload validator _check_forbidden_xcom_keys
recursively rejects reserved serialization keys (__classname__, __type,
__var, ...) in dict/list values. Its _walk helper descended dicts, lists
and tuples but not str, so a value submitted as a JSON string literal
(e.g. json.dumps({"__classname__": ...})) was stored verbatim and re-parsed
into a dict on a ?deserialize=true read, slipping past the filter.

Extend _walk to json.loads a string value and inspect the decoded dict/list
the same way the read path does. Strings that are not JSON, or that decode
to non-container values, are unchanged and still accepted.
(cherry picked from commit aae7c8f)


Generated-by: Claude Opus 4.8 (1M context) following the guidelines at
https: //github.com/apache/airflow/blob/main/contributing-docs/05_pull_requests.rst#gen-ai-assisted-contributions

Co-authored-by: Jarek Potiuk <jarek@potiuk.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area:API Airflow's REST/HTTP API

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant