Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-75360

HTML tags in user selector autocomplete elements trigger exceptions

    XMLWordPrintable

Details

    • MOODLE_311_STABLE
    • MOODLE_311_STABLE, MOODLE_400_STABLE
    • Hide
      1. Log in as admin
      2. Navigate to Server > Web services > Manage tokens
      3. Open Tokens filter form
      4. In User field enter "<"
      5. Confirm autocomplete is populated, no exceptions are thrown
      Show
      Log in as admin Navigate to Server > Web services > Manage tokens Open Tokens filter form In User field enter "<" Confirm autocomplete is populated, no exceptions are thrown

    Description

      Same problem as that described in MDL-74100, for all forms using an autocomplete enhanced via 'core_user/form_user_selector' AJAX call, a user entering anything that Moodle considers "invalid" will trigger an exception

      Example from webservices (same effect observed in Report builder forms):

      invalidparameter
      Invalid parameter value detected
      File: /lib/externallib.php
      Line: 366
      Stack trace:
       
      query => Invalid parameter value detected (Invalid external api parameter: the value is "<", the server was expecting "text" type): Invalid external api parameter: the value is "<", the server was expecting "text" type
      Error code: invalidparameter
      * line 366 of /lib/externallib.php: invalid_parameter_exception thrown
      * line 240 of /lib/externallib.php: call to external_api::validate_parameters()
      * line 81 of /lib/ajax/service.php: call to external_api::call_external_function()
      query => Invalid parameter value detected (Invalid external api parameter: the value is "<", the server was expecting "text" type): Invalid external api parameter: the value is "<", the server was expecting "text" type
      Error code: invalidparameter
      * line 366 of /lib/externallib.php: invalid_parameter_exception thrown
      * line 240 of /lib/externallib.php: call to external_api::validate_parameters()
      * line 81 of /lib/ajax/service.php: call to external_api::call_external_function()
      

      We can make this friendlier to the end user by avoiding showing confusing/unhelpful exceptions in the UI (defer parameter cleaning until later)

      Attachments

        1. 75360 Exception.png
          75360 Exception.png
          76 kB
        2. MDL-75360_master.png
          MDL-75360_master.png
          35 kB
        3. MDL-75360_v311.png
          MDL-75360_v311.png
          34 kB
        4. MDL-75360_v400.png
          MDL-75360_v400.png
          31 kB

        Issue Links

          Activity

            People

              pholden Paul Holden
              pholden Paul Holden
              Sara Arjona (@sarjona) Sara Arjona (@sarjona)
              Victor Déniz Falcón Victor Déniz Falcón
              John Edward Pedregosa John Edward Pedregosa
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 49 minutes
                  49m

                  Clockify

                    Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.