Project

General

Profile

Bug #6762

"Please match the requested format" error in Chrome when editing certain form fields

Added by Brian Candler almost 3 years ago. Updated over 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Web Interface
Target version:
Start date:
09/04/2016
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.3.2
Affected Architecture:

Description

I created an alias called "firewall_management"

There was an existing rule which said allow inbound SSH on WAN (from Any source).

I tried to change the source to "single host or alias", then entered the alias name (after "f" it was auto-completed to "firewall_management")

However on Save, an error "Please match the requested format" pops up next to this box. It's not possible to save the rule.

The alias is of type "Network(s)" and it contains a mixture of IPv4 and IPv6 prefixes. The rule was originally "IPv4 TCP" but I changed it to "IPv4+6 TCP", and it still doesn't accept the alias as a source.

The same problem if I select "Network" rather than "single host or alias". The "f" still auto-completes to "firewall_management", but gives the same error "Please match the requested format"

History

#1 Updated by Kill Bill almost 3 years ago

Sounds like your browser is inserting whitespace junk or whatever on "autocomplete".

#2 Updated by Brian Candler almost 3 years ago

Interesting idea.

This is using Chrome 53 under OSX. By positioning the cursor at both ends of the string I can see no extra whitespace.

However trying again with Firefox 48.0.2 it works.

Going back to Chrome, switching back to Any and then trying the alias again, it fails again. So this is repeatable. A shift-reload in Chrome doesn't make a difference.

Now, if I open the developer console in Chrome, I get this message:

Pattern attribute value [a-zA-Z0-9\_\.\:]+ is not a valid regular expression: Uncaught SyntaxError: Invalid regular expression: /[a-zA-Z0-9\_\.\:]+/: Invalid escape
firewall_rules_edit.php?id=6:1

I'm not sure I'd describe that as an "Invalid escape" but there are certainly superfluous escapes in there. /[a-zA-Z0-9_.:]+/ would be perfectly valid.

In a regexp, [.] matches just a literal dot, not any character.

#3 Updated by Brian Candler almost 3 years ago

I made the following patch to the live system, and now it works fine with Chrome.

--- /usr/local/www/firewall_rules_edit.php.orig    2016-07-19 15:33:47.000000000 +0000
+++ /usr/local/www/firewall_rules_edit.php         2016-09-04 17:48:27.356514000 +0000
@@ -1355,7 +1355,7 @@
               $type,
               $name .' Address',
               $pconfig[$type]
-          ))->addMask($type .'mask', $pconfig[$type.'mask'])->setPattern('[a-zA-Z0-9\_\.\:]+');
+          ))->addMask($type .'mask', $pconfig[$type.'mask'])->setPattern('[a-zA-Z0-9_.:]+');

           $section->add($group);

#4 Updated by Brian Candler almost 3 years ago

Looking at http://www.ecma-international.org/ecma-262/5.1/#sec-7.8.5 I'd say that Chrome is at fault:

RegularExpressionClass ::
    [ RegularExpressionClassChars ]

RegularExpressionClassChars ::
    [empty]
    RegularExpressionClassChars RegularExpressionClassChar

RegularExpressionClassChar ::
    RegularExpressionNonTerminator but not one of ] or \
    RegularExpressionBackslashSequence

RegularExpressionBackslashSequence ::
    \ RegularExpressionNonTerminator

RegularExpressionNonTerminator ::
    SourceCharacter but not LineTerminator

...

SourceCharacter ::
    any Unicode code unit

There's nothing there that forbids escaping characters which don't need to be escaped.

Still, the regular expression without backslashes should be fully compatible, and is simpler.

#6 Updated by Brian Candler almost 3 years ago

OK thanks - you can close this issue.

(BTW: is redmine or github now the preferred tracker to use?)

#7 Updated by Phillip Davis almost 3 years ago

Redmine is still the issue tracker - the code (and pull requests...) is in GitHub.

#8 Updated by Jim Pingle almost 3 years ago

  • Category set to Web Interface
  • Status changed from New to Feedback
  • Target version set to 2.3.2-p1

Setting to Feedback since the relevant fix has already been committed.

#9 Updated by Steve Allison over 2 years ago

FYI, this "[a-zA-Z0-9_.:]+" is the same as ".+". Perhaps only : or _ needs escaping?

#10 Updated by Jim Pingle over 2 years ago

Steve Allison wrote:

FYI, this "[a-zA-Z0-9_.:]+" is the same as ".+". Perhaps only : or _ needs escaping?

No it is not. "." Means a literal "." inside a character set/class, which is part of the confusion. Escaping inside a set is optional, but Chrome does not properly parse the escaping when present. The only characters that must be escaped inside a set are ']', '\', '^', and '-'

#11 Updated by Kill Bill over 2 years ago

This needs to be released. Damn annoying and Chrome fix nowhere in sight - https://bugs.chromium.org/p/chromium/issues/detail?id=639324 (WONTFIX so far, but maybe they'll get back to senses eventually, sigh.)

#12 Updated by Kill Bill over 2 years ago

Notably, this gets triggered on : as well, complete no go with IPv6.

#13 Updated by Phillip Davis over 2 years ago

I made a suggestion that it is a good time to cut a 2.3.3 release:
https://forum.pfsense.org/index.php?topic=118670.0

Of course, anyone can upgrade to the 2.3.3-DEVELOPMENT snapshots. Actually they are really good.

#14 Updated by Jim Pingle over 2 years ago

  • Status changed from Feedback to Resolved

Confirmed fixed by multiple sources.

#15 Updated by Kill Bill over 2 years ago

Phillip Davis wrote:

Of course, anyone can upgrade to the 2.3.3-DEVELOPMENT snapshots. Actually they are really good.

Certainly NOT the latest one. :=(

https://forum.pfsense.org/index.php?topic=118714.0

#16 Updated by Jim Pingle over 2 years ago

  • Subject changed from Error when selecting an alias as IP source to "Please match the requested format" error in Chrome when editing certain form fields

Updated subject to match error message/condition.

#17 Updated by Øistein Kjos over 2 years ago

I'm still having this issue.

Norwegian settings in Chromve version 55.0.2883.59
I get the error when trying to add an internal in-addr.arpa to the dns-resolvers override.
Works fine in Internet Explorer.

Also available in: Atom PDF