Bug #10442
closed
ACME: special characters in descriptions trigger silent error and rollback
Added by Jens Groh over 4 years ago.
Updated over 4 years ago.
Description
pfSense: 2.4.5
Acme: 0.6.6
Re-create:
1) ACME > Certificates: create new certificate
2) enter any settings for domain etc.
3) enter any name as "Name"
4) enter a "Description" with a special character like german Umlauts "öäü" or anything alike
5) hit save
Result:
There'll be no error while saving, it just brings you to the certificate list screen without any entry (the newly created one isn't saved) and the error-bell shows one notification:
pfSense is restoring the configuration /cf/conf/backup/config-1586268777.xml @ 2020-04-07 16:13:31
Supposedly some kind of missing character encoding in the description field I suppose :)
small addition:
is related to Acme 0.6.6 (still happens on 2.5.x snapshots)
There are special chars that work (e.g. !, ) and special chars that aren't correclty translated back from HTML entities (like x%x and ") but if you enter some others like a § sign, the same thing as with äöü will happen (config rollback). So I'm thinking some problem with htmlentities() back and forth?
- Priority changed from Normal to Low
No, it's not from htmlentities. It's that those characters are not valid in XML. So the field probably needs to have its value CDATA escaped (either by adding this field name to the base system CDATA list or by changing the field name to one that's already escaped).
Ah I see. Would just filtering out those characters via an error message before trying to save it be a better approach?
I know, it's no serious bug at all, but it really cost me 30min to hunt it down while trying to setup an LE certificate via ACME package on a customer's system and not understanding why it happened. After falling back to english descriptions instead of local (german) text, of course it worked immediately ;) but as quite a few customers switch their base language of pfSense to german (besides me recommending they do not) special chars like Umlaute can happen easily when writing a quick description for rules or certificates :)
- Status changed from New to Pull Request Review
- Status changed from Pull Request Review to Feedback
- Assignee set to Renato Botelho
- % Done changed from 0 to 100
PR has been merged. Thanks!
- Status changed from Feedback to Resolved
tested acme 0.6.7 - now you can use any characters in the Description field
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by Viktor Gurov 
Updated by