Project

General

Profile

Bug #36968

Add validation to S3 "Access Key" and "Secret Key" fields to prevent use of non-allowed characters

Added by Michael Reynolds about 2 years ago. Updated about 2 years ago.

Status:
Done
Priority:
No priority
Assignee:
Erin Clark
Category:
GUI (new)
Target version:
Severity:
New
Reason for Closing:
Reason for Blocked:
Needs QA:
No
Needs Doc:
No
Needs Merging:
No
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

The Access Key field does not allow special characters as per https://redmine.ixsystems.com/issues/28508

These characters are currently allowed to be entered in the webui which causes a non-user friendly error message.
See S3-AccessKeyError-2018-07-06.png

This field needs validation added that will prevent the entry of special characters.
The validation should prevent the user from seeing the error message.

S3-AccessKeyError-2018-07-06.png (28 KB) S3-AccessKeyError-2018-07-06.png Michael Reynolds, 07/06/2018 04:45 PM
S3-validation-2018-07-11.png (8.55 KB) S3-validation-2018-07-11.png Michael Reynolds, 07/11/2018 09:50 AM
20643
21038

Associated revisions

Revision 024bb2a3 (diff)
Added by Erin Clark about 2 years ago

Add ^\w+$ validator to S3 access_key and secret_key Ticket: #36968

History

#1 Updated by Erin Clark about 2 years ago

  • Status changed from Unscreened to Screened

#2 Updated by Erin Clark about 2 years ago

  • Assignee changed from Erin Clark to Vaibhav Chauhan

#3 Updated by Dru Lavigne about 2 years ago

  • Target version changed from Backlog to 11.2-BETA2

#4 Updated by Vaibhav Chauhan about 2 years ago

  • Assignee changed from Vaibhav Chauhan to Erin Clark

reviewed but not merged

#5 Updated by Erin Clark about 2 years ago

  • Status changed from Screened to Ready for Testing

#6 Updated by Dru Lavigne about 2 years ago

  • Subject changed from Services:S3 Access Key field validation needed to Add validation to S3 "Secret Key" field
  • Needs Doc changed from Yes to No
  • Needs Merging changed from Yes to No

#7 Updated by Michael Reynolds about 2 years ago

21038

Verified special characters are not allowed in the Access Key or Secret Key fields
see S3-validation-2018-07-11.png

#8 Updated by Dru Lavigne about 2 years ago

  • Subject changed from Add validation to S3 "Secret Key" field to Add validation to S3 "Secret Key" field to prevent use of non-allowed characters
  • Needs Doc changed from No to Yes

#9 Updated by Michael Reynolds about 2 years ago

  • Subject changed from Add validation to S3 "Secret Key" field to prevent use of non-allowed characters to Add validation to S3 "Secret Key" field
  • Needs QA changed from Yes to No
  • Needs Doc changed from Yes to No

No
There was no validation on either field before which allowed the entry of @#$%^&*() characters
when any of those characters were entered the user was presented with the error message from the middleware stating that the entry does not conform to the regex ^\w+$
The validator was added for that regex to not allow the special characters to be accepted as input
this prevents the special characters from making it to the middleware and the not very userfriendly error message from displaying

#10 Updated by Michael Reynolds about 2 years ago

  • Subject changed from Add validation to S3 "Secret Key" field to S3 "Access Key" and "Secret Key" field to prevent use of non-allowed characters
  • Needs Doc changed from No to Yes

#12 Updated by Dru Lavigne about 2 years ago

  • Subject changed from S3 "Access Key" and "Secret Key" field to prevent use of non-allowed characters to Add validation to S3 "Access Key" and "Secret Key" fields to prevent use of non-allowed characters

#13 Updated by Timothy Moore II about 2 years ago

#14 Updated by Dru Lavigne about 2 years ago

  • Status changed from Passed Testing to Done
  • Needs Doc changed from Yes to No

Also available in: Atom PDF