Bug #16650
open
ACME account key and certificate editing pages unnecessarily double encode configuration data
0%
Description
There is a mismatch in how the acme package handles encoding/decoding of HTML character entities in a certificate's description. Go to Services / Acme Certificates / Certificates, and edit an existing certificate (or create a new one). Put characters in the description that will require HTML encoding (e.g. " or '), and save. Back on the page listing the certificates, the updated description is displayed correctly. However if you edit that certificate again, you'll see the description entry field contains the literal HTML character entity strings (e.g. " or '), and if you now save the certificate again it will encode those character entity strings (storing them as e.g. " or '). And of course if you repeat this it will re-encode that, and so on.
I have observed this as recently as version 1.0.5 but I for sure was seeing this in some versions prior. I don't recall how far back.
Related issues
Updated by Jim Pingle 2 days ago
- Has duplicate Bug #16651: acme 1.0.5 config page for editing a cert displays (and then saves) incorrect ACME Account value added
Updated by Jim Pingle 2 days ago
- Status changed from New to In Progress
- Assignee set to Jim Pingle
Updated by Jim Pingle 2 days ago
- Subject changed from acme 1.0.5 config page encodes cert description into HTML character entities but doesn't decode them, resulting in repeated nested encodings to ACME account key and certificate editing pages unnecessarily double encode configuration data