cf env shows special chars like '<' and '>' in VCAP_SERVICES not correctly

[stephanme]

• I reviewed open and closed github issues that may be related to my problem.
• I tried updating to the latest version of the CF CLI to see if it fixed my problem.
• I attempted to run the command with CF_TRACE=1 to help debug the issue.
• I am reporting a bug that others will be able to reproduce.
• If this is an issue for the v7 beta release, I've read through the official docs and the release notes.

Describe the bug and the command you saw an issue with

cf env shows special chars like '<' and '>' in VCAP_SERVICES not correctly.

What happened

stephan@WDFN34095835A:~$ cf env testapp
Getting env variables for app testapp in org uptime / space test as D047883...
OK

System-Provided:
{
 "VCAP_SERVICES": {
  "myservice": [
   {
    "binding_name": null,
    "credentials": {
     "host": "1.2.3.4",
     "port": "4000",
     "secret": "abc\u003c123"  <-- wrong value
    },
...

Expected behavior

stephan@WDFN34095835A:~$ cf env testapp
Getting env variables for app testapp in org uptime / space test as D047883...
OK

System-Provided:
{
 "VCAP_SERVICES": {
  "myservice": [
   {
    "binding_name": null,
    "credentials": {
     "host": "1.2.3.4",
     "port": "4000",
     "secret": "abc<123"  <-- this would be the correct value
    },
...

To Reproduce
Steps to reproduce the behavior; include the exact CLI commands and verbose output:

1. Install worlds-simplest-service-broker with:

cf set-env myservice-broker CREDENTIALS ' {"port": "4000", "host": "1.2.3.4", "secret": "abc<123"}

2. create space scoped service broker, create service and bind to a test app

stephan@WDFN34095835A:~/d047883$  cf create-service-broker mybroker broker broker https://myservice-broker.cfapps.sap.hana.ondemand.com --space-scoped
Creating service broker mybroker in org uptime / space test as D047883...
OK
stephan@WDFN34095835A:~/d047883$ cf cs myservice shared s1
Creating service instance s1 in org uptime / space test as D047883...
OK
stephan@WDFN34095835A:~/d047883$ cf bs testapp s1
Binding service s1 to app testapp in org uptime / space test as D047883...
OK

TIP: Use 'cf restage testapp' to ensure your env variable changes take effect

3. See error with cf env testapp as shown above

The problem seems to be a rending problem. The secret is set correctly in the application (tested with cf ssh) and when enabling verbose logging, you can see that the CF API returns the correct secret value:

stephan@WDFN34095835A:~$ cf env testapp -v
...
Getting env variables for app testapp in org uptime / space test as D047883...

REQUEST: [2020-03-24T11:52:36+01:00]
GET /v2/apps/c2f01f96-8427-4d5e-bf00-1177249c1fe1/env HTTP/1.1
Host: api.cf.sap.hana.ondemand.com
Accept: application/json
Authorization: [PRIVATE DATA HIDDEN]
Content-Type: application/json
User-Agent: go-cli 6.50.0+4f0c3a2ce.2020-03-03 / linux


RESPONSE: [2020-03-24T11:52:42+01:00]
HTTP/1.1 200 OK
Connection: close
Content-Length: 1559
Content-Type: application/json;charset=utf-8
Date: Tue, 24 Mar 2020 10:52:42 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options: nosniff
X-Ratelimit-Limit: 40000
X-Ratelimit-Remaining: 39584
X-Ratelimit-Reset: 1585048710
X-Vcap-Request-Id: f9561707-64e3-4d65-7828-5ffb920b1b26::e016b261-d9f1-4689-b346-ac5d94fe22d5

{
  "staging_env_json": {
    "npm_config_@sap:registry": "https://npm.sap.com"
  },
  "running_env_json": {
    "CREDHUB_API": "https://credhub.service.cf.internal"
  },
  "environment_json": {
    "HELLO": "WORLD"
  },
  "system_env_json": {
    "VCAP_SERVICES": {
      "myservice": [
        {
  "label": "myservice",
  "provider": null,
  "plan": "shared",
  "name": "s1",
  "tags": [

  ],
  "instance_name": "s1",
  "binding_name": null,
  "credentials": {
    "host": "1.2.3.4",
    "port": "4000",
    "secret": "abc<123"  <---
  },
  "syslog_drain_url": null,
  ...
OK

System-Provided:
{
 "VCAP_SERVICES": {
  "myservice": [
   {
    "binding_name": null,
    "credentials": {
     "host": "1.2.3.4",
     "port": "4000",
     "secret": "abc\u003c123" <---
    },
...

This issue seems only to happen for VCAP_SERVICES but not to user provided env vars as you can see on the service broker:

stephan@WDFN34095835A:~$ cf env myservice-broker
Getting env variables for app myservice-broker in org uptime / space test as D047883...
OK
...
User-Provided:
AUTH_PASSWORD: broker
AUTH_USER: broker
BASE_GUID: 80553b38-21f3-4970-a5f7-5e93dbb20d99
CREDENTIALS: {"port": "4000", "host": "1.2.3.4", "secret": "abc<123"}  <---
GOPACKAGENAME: github.com/cloudfoundry-community/worlds-simplest-service-broker
GO_INSTALL_PACKAGE_SPEC: github.com/cloudfoundry-community/worlds-simplest-service-broker/cmd/worlds-simplest-service-broker
SERVICE_NAME: myservice
SERVICE_PLAN_NAME: shared
TAGS: simple,shared
...

Provide more context

• platform and shell details ( e.g. Mac OS X 10.11 iTerm)
  Win10 and also in Bash/WSL on Win10

• version of the CLI you are running
  cf version 6.50.0+4f0c3a2ce.2020-03-03
  Happens also for cf7 version 7.0.0-beta.30+6203bbe5d.2020-02-21

• version of the CC API Release you are on
  CC API v2: 2.146.0
  CC API v3: 3.81.0
  CF 12.34.0

[cf-gitbot]

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/171951689

The labels on this github issue will be updated when the story is started.

[FelisiaM]

@stephanme thanks for raising this issue.

We have addressed it and it will be released in the next v7 release of the CLI.

Thanks,
Felisia

[stephanme]

Thanks for the fix :-)