Created attachment 924115 [details] param 'libvirt_default_console_address' and 'remote_addr' updated with utf8 chars Description of problem: I'm bit confused with the validation around the parameter those should contain a valid URL as a value or an IP address as a value. For example: if I update "unattended_url" parameter under provisioning tab with utf8 characters then UI throws error "Value must be a valid URI" Similarly, If I update following params, with any value, UI doesn't raise any error: - login_delegation_logout_url : accepts all values (-ve value, null values, utf-8, latin-1, html etc) - signo_url: accepts all values (-ve value, null values, utf-8, latin-1, html etc) - trusted_puppetmaster_hosts : Since its accepts value in an array, so I can add any value (-ve, null, html) between []. Also, the parameters whose value can be a IP address should also be validated before accepting the value. libvirt_default_console_address: accepts all values (-ve value, null values, utf-8, latin-1, html etc) remote_addr: accepts all values (-ve value, null values, utf-8, latin-1, html etc) Version-Release number of selected component (if applicable): sat6 GA snap3 How reproducible: always Steps to Reproduce: 1. update all above mentioned parameters under settings menu with some unknown random value. 2. 3. Actual results: No validation around above parameters. User can edit all these parameters with any value. A parameter whose value should be only a URL can accept anything. or a param whose value should be an IP address can accept utf8 characters. Expected results: Proper validation needs to be placed for parameters. As soon as user input any value, it should be validated by UI and user should get an error message if its a invalid value. Additional info:
Created attachment 924116 [details] parameters whose value should be an url can contain utf8 chars
Created redmine issue http://projects.theforeman.org/issues/6924 from this bug
Upstream bug component is Provisioning
Upstream bug component is Settings
Moving to POST since upstream bug http://projects.theforeman.org/issues/6924 has been closed ------------- Ondřej Pražák Applied in changeset commit:7339369dc896aa9eb3c0bdc1af7992dd6268acfd.
Created attachment 1163585 [details] Trusted Puppet master screenshot Issue still persists in Trusted Puppet master hosts options. No validation for parameters. and other options that were not validated are Administrator email address Email reply address root password in provisioning settings attached screenshots of the same.
Created attachment 1163586 [details] more options that requires checks (email)
Build :Satellite 6.2 snap13.1
Could you elaborate on what characters should be accepted in the root password? Should it be ascii only?
Sorry for hasty comment , rechecked the facts , root password can contain other char-set.
Pending PR for upstream that validates Administrator email address, Email reply address and Trusted puppetmaster hosts: https://github.com/theforeman/foreman/pull/3583
As the upstream commit has been merged I'm going to change the status to Post.
The fix to this bug will be delivered with release 6.3 of Satellite.