- Issue created by @joelpittet
- Status changed to Needs review
7 months ago 12:13am 17 May 2024 - Merge request !8104Fix type error with bad user input performRequiredValidation β (Open) created by joelpittet
- Status changed to Needs work
7 months ago 5:05pm 19 May 2024 - πΊπΈUnited States smustgrave
MR appears to have failures
Most cases of tickets like these (illegal offset types) I've seen recommendations to backtrace to the point where it's suppose to be scarlar. To make sure we aren't masking a larger issue. But is possible this could be the correct approach in this case.
- π¨π¦Canada joelpittet Vancouver
@smustgrave Thanks for taking a look. I believe this is correct in this case but thanks for checking. This case I know the user-input is the source of the problem which is in the issue summary. FYI it looks like this
?tags[0][0]to help read the URL encoding above.This problem is discrete but part of a bigger set of attack vectors in the parent.
If you could point to a place where I can add a test case, that would really help me out. Otherwise I will take a horrible guess...
- Status changed to Needs review
7 months ago 12:43am 22 May 2024 - Status changed to Needs work
7 months ago 1:31pm 22 May 2024 - πΊπΈUnited States smustgrave
There's Drupal\Tests\Core\Form\FormValidatorTest we could probably expand on
Also can you rebase? I believe that random failure is fixed on head.
- Status changed to Needs review
6 months ago 6:24pm 21 June 2024 - Status changed to RTBC
6 months ago 6:44pm 21 June 2024 - π¨π¦Canada joelpittet Vancouver
Thanks for adding a test to prove the problem exists and fixing my typo!
- Status changed to Fixed
6 months ago 1:19pm 28 June 2024 - π¬π§United Kingdom alexpott πͺπΊπ
Committed and pushed b3ad358039 to 11.x and a0e23a634f to 11.0.x and 48de87ec1b to 10.4.x and f323ffae3d to 10.3.x. Thanks!
This replaces an error with a better message and a user can cause this with a crafted URL so this is a nice improvement. Backported to 10.3.x as a non-disruptive bugfix.
-
alexpott β
committed f323ffae on 10.3.x
Issue #3447748 by joelpittet, ramil g, smustgrave: TypeError: Illegal...
-
alexpott β
committed f323ffae on 10.3.x
-
alexpott β
committed 48de87ec on 10.4.x
Issue #3447748 by joelpittet, ramil g, smustgrave: TypeError: Illegal...
-
alexpott β
committed 48de87ec on 10.4.x
-
alexpott β
committed a0e23a63 on 11.0.x
Issue #3447748 by joelpittet, ramil g, smustgrave: TypeError: Illegal...
-
alexpott β
committed a0e23a63 on 11.0.x
-
alexpott β
committed b3ad3580 on 11.x
Issue #3447748 by joelpittet, ramil g, smustgrave: TypeError: Illegal...
-
alexpott β
committed b3ad3580 on 11.x
Automatically closed - issue fixed for 2 weeks with no activity.