E: This expression contained a character which is not allowed - Resolved

divyam.maithani · October 5, 2021, 2:03pm

Hey BigFixers, Can one of you help me to create this relevance…

Q: (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\AutoSelectCertificateForUrls” whose (exists values whose (name of it = “1” AND it as string as lowercase = “{{“pattern”:”[*.]google.com",“filter”:{{“ISSUER”:{{“CN”:“DM User CA”,“OU”:“Certification Authorities”},“SUBJECT”:{{“OU”: “Directory Users”}}}" as lowercase) of it) of native registry)
E: This expression contained a character which is not allowed.

Thanks in Advance.

JasonWalker · October 5, 2021, 2:11pm

Ah, I see…your longer string contains embedded literal doublequotes. You need to replace those doublequotes with their percent-encoding value - %22 represents a literal doublequote in a string

Q: (exists key "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\AutoSelectCertificateForUrls" whose (exists values whose (name of it = "1" AND it as string as lowercase = "{%22pattern%22:%22[*.]google.com%22,%22filter%22:{%22ISSUER%22:{%22CN%22:%22DM User CA%22,%22OU%22:%22Certification Authorities%22},%22SUBJECT%22:{%22OU%22: %22Directory Users%22}" as lowercase) of it) of native registry)
A: False
T: 1287

Additionally, since you have literal open-curly and close-curly brackets { } , if you use this inside of a relevance substitution in ActionScript you would need to escape the close-curly-brackets by doubling them up to prevent ending the substitution early

if {(exists key "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\AutoSelectCertificateForUrls" whose (exists values whose (name of it = "1" AND it as string as lowercase = "{%22pattern%22:%22[*.]google.com%22,%22filter%22:{%22ISSUER%22:{%22CN%22:%22DM User CA%22,%22OU%22:%22Certification Authorities%22}},%22SUBJECT%22:{%22OU%22: %22Directory Users%22}}" as lowercase) of it) of native registry)}
  //do something
endif

divyam.maithani · October 5, 2021, 2:37pm

I putted something and showing something in the forum post
all the ’ \ ’ has been removed when I submitted the post.

correct registry value is here and also posted in slack…

Q: (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\AutoSelectCertificateForUrls” whose (exists values whose (name of it = “1” AND it as string as lowercase = “{"pattern":"[*.]google.com","filter":{"ISSUER":{"CN":"DM User CA","OU":"Certification Authorities"},"SUBJECT":{"OU": "Directory Users"}}}” as lowercase) of it) of native registry)

JasonWalker · October 5, 2021, 2:39pm

Put your code in a “code” tag. Highlight it and press the Code Format button -

Here is my sample code

divyam.maithani · October 5, 2021, 2:43pm

Here is the relevance

Q: (exists key "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\AutoSelectCertificateForUrls" whose (exists values whose (name of it = "1" AND it as string as lowercase = "{{\"pattern\":\"[*.]google.com\",\"filter\":{{\"ISSUER\":{{\"CN\":\"DM User CA\",\"OU\":\"Certification Authorities\"},\"SUBJECT\":{{\"OU\": \"Directory Users\"}}}" as lowercase) of it) of native registry)
E: This expression contained a character which is not allowed.

JasonWalker · October 5, 2021, 2:44pm

Backslashes don’t escape doublequotes in Relevance. You still need to replace literal doublequotes in the string with %22.

SLB · October 5, 2021, 3:04pm

You would see where the expression formatting is not right in the FixletDebugger, which as @JasonWalker suggests is due to the quotes that you need to use % encoding for .

brolly33 · October 5, 2021, 8:46pm

Try:

Q: (exists key "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\AutoSelectCertificateForUrls" whose (exists values whose (name of it = "1" AND it as string as lowercase = "{{%22pattern%22:%22[*.]google.com%22,%22filter%22:{{%22ISSUER%22:{{%22CN%22:%22DM User CA%22,%22OU%22:%22Certification Authorities%22},%22SUBJECT%22:{{%22OU%22: %22Directory Users%22}}}" as lowercase) of it) of native registry)

divyam.maithani · October 12, 2021, 1:04pm

Thanks @JasonWalker, @SLB, @brolly33 for the help and support. Relevance created and working as expected after replacing literal doublequotes in the string with %22.

divyam.maithani · October 12, 2021, 1:06pm

Here is the correct relevance.
After replacing literal doublequotes in the string with %22 issue got resolved.

Q:(exists keys "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\AutoSelectCertificateForUrls"   whose (exists values whose(name of it = "1"  AND it as string  as lowercase  = "%22{\%22pattern\%22:\%22[*.]google.com\%22,\%22filter\%22:{\%22ISSUER\%22:{\%22CN\%22:\%22DM User CA\%22,\%22OU\%22:\%22Certification Authorities\%22},\%22SUBJECT\%22:{\%22OU\%22: \%22Directory Users\%22}}}%22" as lowercase ) of it) of registry)
A: True
T: 0.542 ms
I: singular boolean

brolly33 · October 12, 2021, 1:40pm

@divyam.maithani Glad the team could help. I updated @SLB reply as “solved” or if you prefer, you could choose a different post as the solution.

divyam.maithani · October 12, 2021, 3:18pm

Subjected issue has been resolved but when I’m trying to push registry then backslash getting removed from registry. Can you please guide me little more, what am I missing?

action uses wow64 redirection false

If {{exists file "__createfile"}
  delete __createfile
Endif

If {{exists file "casb.reg"}
  delete casb.reg
Endif

createfile until @end_create_reg_file
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\AutoSelectCertificateForUrls]
"1"="{{\"pattern\":\"[*.]google.com\",\"filter\":{{\"ISSUER\":{{\"CN\":\"DM User CA\",\"OU\":\"Certification Authorities\"},\"SUBJECT\":{{\"OU\": \"Directory Users\"}}}"


[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\AutoSelectCertificateForUrls]
"1"="{{\"pattern\":\"[*.]google.com\",\"filter\":{{\"ISSUER\":{{\"CN\":\"DM User CA\",\"OU\":\"Certification Authorities\"},\"SUBJECT\":{{\"OU\": \"Directory Users\"}}}"

@end_create_reg_file

move __createfile casb.reg
waithidden regedit /s "casb.reg"

JasonWalker · October 12, 2021, 3:35pm

Take a correctly-configured Registry value and export it to a file to see how it literally looks in a .reg file.

The backslashes will be doubled, I’m not sure whether anything else also gets escaped.

In Action script you’ll also need to double the { characters. The {{ will appear as a relevance-escaped single {, so to get two {{ symbols literally you’ll need {{{{

divyam.maithani · October 12, 2021, 5:02pm

Thanks, @JasonWalker, after exporting the registry backslashes got doubled.
The action script is working now.

action uses wow64 redirection false

If {{{{exists file "__createfile"}
  delete __createfile
Endif

If {{{{exists file "casb.reg"}
  delete casb.reg
Endif

createfile until @end_create_reg_file
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\AutoSelectCertificateForUrls]
"1"="{{\\\"pattern\\\":\\\"[*.]google.com\\\",\\\"filter\\\":{{\\\"ISSUER\\\":{{\\\"CN\\\":\\\"DM User CA\\\",\\\"OU\\\":\\\"Certification Authorities\\\"},\\\"SUBJECT\\\":{{\\\"OU\\\": \\\"Directory Users\\\"}}}"


[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\AutoSelectCertificateForUrls]
"1"="{{\\\"pattern\\\":\\\"[*.]google.com\\\",\\\"filter\\\":{{\\\"ISSUER\\\":{{\\\"CN\\\":\\\"DM User CA\\\",\\\"OU\\\":\\\"Certification Authorities\\\"},\\\"SUBJECT\\\":{{\\\"OU\\\": \\\"Directory Users\\\"}}}"

@end_create_reg_file

move __createfile casb.reg
waithidden regedit /s "casb.reg"