Note: This bug is displayed in read-only format because
the product is no longer active in Red Hat Bugzilla.
Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Description of problem:
When users enters an ugly string for Domain, it breaks the UI - Domains UI can subsequently not be accessed.
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
1. Navigate to Domains in foreman and try to create a new domain. use the following string
你好/`cat /etc/passwd/
2. Note error
3. Attempt to navigate back to main domains UI at all, e.g., server.example.com/foreman/domains
Actual results:
Initial and subsequent errors
"Oops, we're sorry but something went wrong
x No route matches {:action=>"edit", :controller=>"domains", :id=>"你好/`cat /etc/passwd/`"}
If you feel this is an error with Foreman itself, please open a new issue with Foreman ticketing system, You would probably need to attach the Full trace and relevant log entries.
Back"
User cannot access page
Expected results:
Field validation
Additional info:
Not sure if a workaround is to use cli to try and remove any gunk. Will try and report back.
A side note: The resulting error page also references tracking issues in foreman bug tracker. We fixed this elsewhere but apparently this is a new place where we need to point to BZ. I'd prefer we fix this at the same time since it's hard to try and verify such things when the underlying breakage is fixed.
from hammer -u admin -p admin domain list
3 | 你好/`cat /etc/passwd/`
So there's your proper string
It does appear we can remove it via CLI
hammer -u admin -p admin domain delete --id 3
So as we have a workaround, I will remove blocker.
Description of problem: When users enters an ugly string for Domain, it breaks the UI - Domains UI can subsequently not be accessed. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. Navigate to Domains in foreman and try to create a new domain. use the following string 你好/`cat /etc/passwd/ 2. Note error 3. Attempt to navigate back to main domains UI at all, e.g., server.example.com/foreman/domains Actual results: Initial and subsequent errors "Oops, we're sorry but something went wrong x No route matches {:action=>"edit", :controller=>"domains", :id=>"你好/`cat /etc/passwd/`"} If you feel this is an error with Foreman itself, please open a new issue with Foreman ticketing system, You would probably need to attach the Full trace and relevant log entries. Back" User cannot access page Expected results: Field validation Additional info: Not sure if a workaround is to use cli to try and remove any gunk. Will try and report back.