Skip to content

Normalizing a document with an improper id produces empty string #249

Closed
@mattcollier

Description

@mattcollier

This is of concern for systems that use hashes of documents for content-based addressing and also digital signatures. Hashing the result of jsonld.normalize is common practice for these purposes.
Hashing algorithms readily accept '' (an empty string) as a valid input. Since a valid hash is produced, this sort of issue may go unnoticed.

Would it be possible to throw an error instead of returning an empty string? I suggest that an empty string should not be valid output for normalize.

In this case, the empty output is due to this conditional: https://github.com/digitalbazaar/jsonld.js/blob/master/lib/toRdf.js#L108

Sample code:

const jsonld = require('jsonld');
const s1 = {
  "@context": "https://schema.org",
  "id": "urn:07179fd9-4856-4e55-baf8-b2589a037566",
  "name": 'White',
};
const s2 = {
  "@context": "https://schema.org",
  // `id` is not a valid URL
  "id": "07179fd9-4856-4e55-baf8-b2589a037566",
  "name": 'Brown',
};

async function go() {
  const e1 = await jsonld.expand(s1);
  console.log('EXPANDED_1', JSON.stringify(e1, null, 2));
  const e2 = await jsonld.expand(s2);
  console.log('EXPANDED_2', JSON.stringify(e2, null, 2));
  const r1 = await jsonld.normalize(s1);
  console.log('NORMALIZED_1', r1);
  const r2 = await jsonld.normalize(s2);
  console.log('NORMALIZED_2', r2);
  console.log('TEST_EMPTY_STRING', r2 === '');
}

go();

Output:

EXPANDED_1 [
  {
    "@id": "urn:07179fd9-4856-4e55-baf8-b2589a037566",
    "http://schema.org/name": [
      {
        "@value": "White"
      }
    ]
  }
]
EXPANDED_2 [
  {
    "@id": "/07179fd9-4856-4e55-baf8-b2589a037566",
    "http://schema.org/name": [
      {
        "@value": "Brown"
      }
    ]
  }
]
NORMALIZED_1 <urn:07179fd9-4856-4e55-baf8-b2589a037566> <http://schema.org/name> "White" .

NORMALIZED_2 
TEST_EMPTY_STRING true

Related: digitalbazaar/bedrock-ledger-node#12

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions