How can we improve the Azure mobile app?

Azure Key Vault, Runtime error on create Key API-REST

I have got a bug (I think).

First of all, the normal input like label1, works ok. So I use the API fine.

I have tested the possible names for a key, to know what type of inputs are compatible.
The name of key is in URL:

POST https://{vaultBaseUrl}/keys/{key-name}/create?api-version=2016-10-01

So I wanted try with typical hacking inputs "'<

I have encoded the inputs using URL Enconder, like this %22%27%3C

The final url is:

POST https://{vaultBaseUrl}/keys/%22%27%3C/create?api-version=2016-10-01

And it produces a Runtime Error and sends internal information (show attached file), I think the correct answer should be 400 bad request.

2 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Borja Pintos shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    0 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...

      Feedback and Knowledge Base