I'm not precisely sure the cause or the issue. But the example I have so far, is that if I send a task from the app like hello\ (note the trailing slash), I noticed that if I synchronized the mobile app to a Taskserver, then synchronized the Taskwarrior client, I had an error.

I tried a few things, trying to reduce the issue to as little as I could, I realized I could also get the error with just the mobile app and the Taskserver, as this mobile app also errors with a response from the Taskserver. (If you have a user account you don't care about, on a Taskserver, try sending the trailing slash from one profile, create a second profile, configure the Taskserver there, and the sync request should prompt Taskserver to send the task back to the mobile app, and cause an error.)

I've added a unit test which creates a task with hello\, syncs with Taskserver, and syncs again as if it's a second mobile app, or second profile, and throws an error when it tries to decode the task as JSON. I wasn't getting the error with the task I had before sync, so I experimented to see if the task I got back was the same. It seems that Taskserver inserts a null byte on the way back. The unit test shows this equality. If I look in the tx.data file at TASKDDATA, there is no null byte. It seems to occur with the outgoing data.

The failing unit test was added at d5a5f47.

Here's what I see in the Taskserver logging:

s: INFO Sending 'XXXXclient: taskd 1.1.0
code: 200
status: Ok

{"description":"hello\\' (203 bytes)

This is strange, since I think Taskserver is actually sending the entire task, but the logging itself seems to report the task as truncated.

I think the client receives something like the following:

{
  "description":"hello\\\\\x00",
  "entry":"20210701T000000Z",
  "status":"pending",
  "uuid":"123e4567-e89b-12d3-a456-426614174000"
}

I guess my question is, what should the mobile app do to prevent this from happening? Is there an elegant rule to use as a safeguard? Presumably once you send this data to the Taskserver, your account on the server is sort of corrupted, so you'd better hope you have control over it, or that the admin can help.

Edited the title to emphasize the trailing slash, as the fix might be to avoid saving trailing slashes not escaped sufficiently.

For a little more detail, to help narrow down the issue, or present more details concretely, I'll include what I see in the local backlog.data (which more or less matches how Taskwarrior uses the same file of name), as well as the tx.data at TASKDDATA.

I've also added to the failing unit test, indicating the data before sync'ing, at 01ab1b6.

Whitespace added to the following JSON, for readability.

backlog.data

{
  "status":"pending",
  "uuid":"123e4567-e89b-12d3-a456-426614174000",
  "entry":"20210701T000000Z",
  "description":"hello\\"
}

tx.data:

{
  "status":"pending",
  "uuid":"123e4567-e89b-12d3-a456-426614174000",
  "entry":"20210701T000000Z",
  "description":"hello\\"
}

Similar issue exists for stable Taskwarrior, for example task add hello\\ seems to explode in modifying ~/.task/*.data, with partial or non-existent lines added there.

Will probably need to track the Taskwarrior and Taskserver projects, and maybe consider a quick fix in this mobile app, or simply deprioritize.

Built task 2.6.0 and task add hello\\ works now, still get failure at taskd 1.1.0, looking for an easy way to build.

Related issue filed upstream at GothenburgBitFactory/taskserver#173.

At commit bab58af, the code will throw an exception if the description has a trailing backslash, preventing saving the edit, and the exception will be presented to user.

I'm not sure what else I'll be addressing before I get around to the next release, so I will leave this issue open at least until I begin the process of the next release.

I will probably need to explore other aspects of data validation for the app. But if I hear back from Taskserver project about the null byte issue, I may remove this particular data validation. But that may raise another issue, that this app may need to track the version of the Taskserver.

Closing, as release process has started. v0.0.10 is already on App Store. Will work on releases to Play Store and F-Droid soon.