On at least one client's instance we've just discovered a significant regression/unannounced change.
I'll retract this post if it gets corrected quickly, but for now you should be looking at any webhook definitions that:
- Use JSON token encoding in the outbound payload (extremely common when posting data to modern endpoints); and
- Use the {{program.id}} token as part of the payload (perhaps not so common across the board, but something we do many thousands of times per day)
What's changed is the {{program.id}} is now being injected as a quoted JSON String -- despite it clearly corresponding to a numeric ID value in the Marketo db.
Formerly, the {{program.id}} was a JSON Number as expected, thus had no need of escaping.
That can be harmless when the token stands alone, but not when it's used to build String values.
With the change/bug, a webhook payload constructed like so —
{
"eventCounterName" : "/events/webinars/{{program.id}}",
"maxRegistrants" : {{my.max registrants}}
}
— will now be broken, because after token interpolation it will look like this —
{
"eventCounterName" : "/events/webinars/"1234"",
"maxRegistrants" : 25
}
— and that's bad JSON.
We've found workarounds (since luckily in our case we're actually passing JavaScript, not JSON, so we can concatenate Strings manually) but some of you may not be so lucky.
Will update after more investigation, wanted to get this out there...
That's a scary one, thanks for sharing.
Curious what you hear if you get this escalated.