ACME: special characters in descriptions trigger silent error and rollback
1) ACME > Certificates: create new certificate
2) enter any settings for domain etc.
3) enter any name as "Name"
4) enter a "Description" with a special character like german Umlauts "öäü" or anything alike
5) hit save
There'll be no error while saving, it just brings you to the certificate list screen without any entry (the newly created one isn't saved) and the error-bell shows one notification:
pfSense is restoring the configuration /cf/conf/backup/config-1586268777.xml @ 2020-04-07 16:13:31
Supposedly some kind of missing character encoding in the description field I suppose :)
#1 Updated by Jens Groh about 2 months ago
is related to Acme 0.6.6 (still happens on 2.5.x snapshots)
There are special chars that work (e.g. !, ) and special chars that aren't correclty translated back from HTML entities (like x%x and ") but if you enter some others like a § sign, the same thing as with äöü will happen (config rollback). So I'm thinking some problem with htmlentities() back and forth?
#2 Updated by Jim Pingle about 2 months ago
- Priority changed from Normal to Low
No, it's not from htmlentities. It's that those characters are not valid in XML. So the field probably needs to have its value CDATA escaped (either by adding this field name to the base system CDATA list or by changing the field name to one that's already escaped).
#3 Updated by Jens Groh about 2 months ago
Ah I see. Would just filtering out those characters via an error message before trying to save it be a better approach?
I know, it's no serious bug at all, but it really cost me 30min to hunt it down while trying to setup an LE certificate via ACME package on a customer's system and not understanding why it happened. After falling back to english descriptions instead of local (german) text, of course it worked immediately ;) but as quite a few customers switch their base language of pfSense to german (besides me recommending they do not) special chars like Umlaute can happen easily when writing a quick description for rules or certificates :)