Bug #16650
closed
ACME account key and certificate editing pages unnecessarily double encode configuration data
100%
Description
There is a mismatch in how the acme package handles encoding/decoding of HTML character entities in a certificate's description. Go to Services / Acme Certificates / Certificates, and edit an existing certificate (or create a new one). Put characters in the description that will require HTML encoding (e.g. " or '), and save. Back on the page listing the certificates, the updated description is displayed correctly. However if you edit that certificate again, you'll see the description entry field contains the literal HTML character entity strings (e.g. " or '), and if you now save the certificate again it will encode those character entity strings (storing them as e.g. " or '). And of course if you repeat this it will re-encode that, and so on.
I have observed this as recently as version 1.0.5 but I for sure was seeing this in some versions prior. I don't recall how far back.
Related issues
Updated by Jim Pingle about 1 month ago
- Has duplicate Bug #16651: acme 1.0.5 config page for editing a cert displays (and then saves) incorrect ACME Account value added
Updated by Jim Pingle about 1 month ago
- Status changed from New to In Progress
- Assignee set to Jim Pingle
Updated by Jim Pingle about 1 month ago
- Subject changed from acme 1.0.5 config page encodes cert description into HTML character entities but doesn't decode them, resulting in repeated nested encodings to ACME account key and certificate editing pages unnecessarily double encode configuration data
Updated by Jim Pingle 26 days ago
- Status changed from In Progress to Closed
- % Done changed from 0 to 100
Fixed in ACME pkg v1.1 which is out now for pfSense Plus software version 25.11.1 and CE 2.8.1
Updated by