
BUG: FlashMessages - current escaping of tags / collections leads to an exception

Open iseries opened this issue 2 years ago • 2 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Current Behavior

It is possible to crash parts of the Neos backend by just creating a collection or tag (Management -> Media) named %.


Expected Behavior

Neos should not crash no matter what user input is made.

Steps To Reproduce

  • navigate to the media section
  • create a tag or collection named %

Environment

- Neos: 8.0, 8.1
- PHP: 8.1

Anything else?

notes

As Ferdinand Kuhl mentioned, there are some places where this happens. See e.g. the following line: https://github.com/neos/media-browser/blob/master/Classes/Controller/TagController.php#L78

This behavior could also occur with other methods; I have only tested it in the media library.

iseries avatar Sep 26 '22 08:09 iseries

Note: The bug is present as long as the current session is active. After logout -> login it works again.

iseries avatar Sep 28 '22 10:09 iseries

https://neos-project.slack.com/archives/C050C8FEK/p1664050267660589?thread_ts=1663958831.860119&cid=C050C8FEK

More info...

mhsdesign avatar Sep 29 '22 10:09 mhsdesign

Can confirm the bug.

One idea would be to forbid the identifier %. I don't think anyone would name their tag or collection that way. It could also be that the error occurs with several identifiers except %.

crydotsnake avatar Oct 28 '22 08:10 crydotsnake

As proposed in Slack, I think we should escape the user input % properly; that can be done via %%.

mhsdesign avatar Oct 28 '22 08:10 mhsdesign
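An added illustration of the failure mode discussed in this thread and of the %% escaping proposed above; it is not code from Neos, Flow or the media-browser package, and the builder and renderer function names are hypothetical stand-ins for a flash-message body that is later run through vsprintf() with message arguments.

```php
<?php
declare(strict_types=1);

// Added example for this issue; not code from Neos, Flow or media-browser.
// buildBodyUnsafe(), buildBodyEscaped(), buildBodyWithArgument() and
// renderBody() are hypothetical stand-ins for a flash-message body that
// is later passed through vsprintf() together with message arguments.

// Unsafe: the user-supplied label is spliced into the body, so it becomes
// part of the printf-style format string.
function buildBodyUnsafe(string $label): string
{
    return 'Tag "' . $label . '" has been created.';
}

// Hardened as proposed in the thread: every '%' in the label becomes '%%',
// which vsprintf() prints as a single literal '%'.
function buildBodyEscaped(string $label): string
{
    return 'Tag "' . str_replace('%', '%%', $label) . '" has been created.';
}

// Alternative hardening: keep the label out of the format string entirely
// and hand it over as an argument; arguments are never parsed for '%'.
function buildBodyWithArgument(string $label): array
{
    return ['Tag "%s" has been created.', [$label]];
}

// Stand-in renderer. On PHP 8, vsprintf() throws ValueError on a malformed
// format (a '%' followed by an unknown conversion or by end of string) and
// ArgumentCountError when a conversion has no argument, instead of emitting
// a warning; an uncaught exception here repeats on every request that
// renders the message stored in the session.
function renderBody(string $body, array $arguments = []): string
{
    try {
        return vsprintf($body, $arguments);
    } catch (\Error $e) {
        return get_class($e) . ': ' . $e->getMessage();
    }
}

$label = '%'; // the tag/collection name from the reproduction steps

echo renderBody(buildBodyUnsafe($label)), PHP_EOL;   // throws on PHP 8
echo renderBody(buildBodyEscaped($label)), PHP_EOL;  // label printed as-is
[$body, $args] = buildBodyWithArgument($label);
echo renderBody($body, $args), PHP_EOL;              // label printed as-is
```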

Solved with: #3942

crydotsnake avatar Nov 12 '22 10:11 crydotsnake