craftcms
[4.5.5]: Redactor not allowing parenthesis
What happened?
Description
This issue does not happen ALL the time, but it has happened multiple times across 2 of my craft sites and I was finally able to record the issue (recording included below). I am using a redactor in my template on two separate sites, and there are times where content editors try to add text that includes parentheses (ex: "Developing a desktop geographic information system tool (GIS) to help...") but they are unable to save the text unless the parentheses are removed. They are given an error "Your changes could not be stored" until the parentheses are removed. The fact that this only happens some of the time tells me that it isn't a settings issue with the redactor, since any settings should be applied 100% of the time.
Steps to reproduce
https://watch.screencastify.com/v/S2CmPCPzMgi8kIkXBJq8
Expected behavior
Text should include parentheses without error
Actual behavior
"Your changes could not be stored" error when parentheses are included in text.
Craft CMS version
Craft Pro 4.5.5
PHP version
8.1.18
Operating system and version
Linux 4.14.311-233.529.amzn2.x86_64
Database type and version
MySQL 5.7.12
Image driver and version
Imagick 3.7.0 (ImageMagick 6.9.10-97)
Installed plugins and versions
- Redactor: 3.0.4
- Redactor FA List: 2.0.1
UPDATE: This issue happens under the following settings:
- redactor fields (with or without HTML purify)
- multi line and single line plaintext fields (with or without HTML purify)
- matrix fields with:
- Single line plaintext (no purify)
- Redactor fields (no purify)
Redactor plugin version: 3.0.4 redactor config settings JSON:
{
"buttons": [
"html",
"formatting",
"bold",
"italic",
"unorderedlist",
"orderedlist",
"link",
"image",
"video",
"clips"
],
"plugins": [
"table",
"video",
"clips",
"arrowlink",
"twocolumn"
],
"linkNewTab": true,
"toolbarFixed": true,
"formattingAdd": {
"lead-p": {
"title": "Lead paragraph",
"api": "module.block.format",
"args": {
"tag": "p",
"class": "lead"
}
}
},
"formatting": [
"p",
"lead-p",
"h2",
"h3",
"h4",
"h5"
],
"clips": [
["Primary Button", "<a href=\"#\" class=\"button button--primary\">Button Link</a>"]
]
}
Results of trying to save after this error appears: CONSOLE ERROR: POST - 403 Forbidden
{
"message": "Request failed with status code 403",
"name": "AxiosError",
"config": {
"transitional": {
"silentJSONParsing": true,
"forcedJSONParsing": true,
"clarifyTimeoutError": false
},
"transformRequest": [
null
],
"transformResponse": [
null
],
"timeout": 0,
"xsrfCookieName": "XSRF-TOKEN",
"xsrfHeaderName": "X-XSRF-TOKEN",
"maxContentLength": -1,
"maxBodyLength": -1,
"env": {
"FormData": null
},
"headers": {
"Accept": "application/json, text/plain, */*",
"Content-Type": "application/x-www-form-urlencoded",
"X-Requested-With": "XMLHttpRequest",
"X-Registered-Asset-Bundles": "f3074136,22e517a2,aee7f8dc,e505ffd6,6b4d7555,e5e48399,bb2f10a0,815d39ea,fc0bc163,1ccab40d,1e21896b,54698ee0,b842675b,1c3c9add,4b1fd285,d8d08e47,8f00ce04,8768f48b,cf3018d6,e1c4acb7,360f86e3,13344846,e7a608a5,e55787b7,b143120,71a89c5e,e7c1329,76719e06,7ca18ed1,92d8701,15a36a51",
"X-Registered-Js-Files": "",
"X-CSRF-Token": "cmTsLT_I1of83hNYTTPxe1k5jN8p-uM07xMQBueukdOqKSOgKlDRgPhYZvtQw5sLah6ab-HcemqA87xjGZED5VOMTUGVx_FWOpoixMzFeWDkCGLzn27Avel_6-acrqje83bKdJx6cmm15_hw_OzsUghkt4vTLZWG1sV3zTbzP-6510mpx5TMSLZSnvGj6qQtJ4D3UbNKMI4VZqm_tLazXGAuA6QKLQu0h2GYjHmDWEhP18T668NGbJdyPOb4hG8Cw2GlrzwPeqxX1ulMW7eViwZ482HdZb0rdvCkwmIDokSmqaFLVYZpBsevW_Tb2E6K0a6Wy--WRf9Br0oXWoffrBLEtY07Oy7axOtOpdOnsUX1brtdgfS7AvGOpKYjjjvxvpSyyBpf_MZgiw=="
},
"cancelToken": {
"promise": {},
"_listeners": []
},
"data": "CRAFT_CSRF_TOKEN=cmTsLT_I1of83hNYTTPxe1k5jN8p-uM07xMQBueukdOqKSOgKlDRgPhYZvtQw5sLah6ab-HcemqA87xjGZED5VOMTUGVx_FWOpoixMzFeWDkCGLzn27Avel_6-acrqje83bKdJx6cmm15_hw_OzsUghkt4vTLZWG1sV3zTbzP-6510mpx5TMSLZSnvGj6qQtJ4D3UbNKMI4VZqm_tLazXGAuA6QKLQu0h2GYjHmDWEhP18T668NGbJdyPOb4hG8Cw2GlrzwPeqxX1ulMW7eViwZ482HdZb0rdvCkwmIDokSmqaFLVYZpBsevW_Tb2E6K0a6Wy--WRf9Br0oXWoffrBLEtY07Oy7axOtOpdOnsUX1brtdgfS7AvGOpKYjjjvxvpSyyBpf_MZgiw%3D%3D&elementId=273442&siteId=1&fresh=1&title=&action=elements%2Fapply-draft&redirect=4997d543739b63f6659c8bf787afeeb0e1bc5c5bfcaacc0c9aa3544ab76582bchttps%3A%2F%2Fwww.chesapeakebay.net%2Fcms%2Fentries%23&typeId=2&slug=&parentId=&authorId=&authorId=118&enabled=1&fields%5Bblurb%5D=%3Cp%3EView%20documents%20from%20past%20Strategy%20Review%20System%20(SRS)%20cycles%20below.%3C%2Fp%3E&modifiedDeltaNames[]=fields[blurb]&draftId=6075&draftName=First%20draft&visibleLayoutElements%5Be327299f-f053-40a5-bd8e-ae6810a1b3cc%5D%5B%5D=49418f48-af88-4ead-b912-29efe14c91c4&visibleLayoutElements%5Be327299f-f053-40a5-bd8e-ae6810a1b3cc%5D%5B%5D=efc3c40b-d9f1-4567-a97c-d290f9ca7cd2&visibleLayoutElements%5Be327299f-f053-40a5-bd8e-ae6810a1b3cc%5D%5B%5D=d8eef692-ff92-49f2-ab04-1f31a07e10f4&visibleLayoutElements%5Be327299f-f053-40a5-bd8e-ae6810a1b3cc%5D%5B%5D=21c9fd06-9477-4bdd-baa8-6b3cd1e8ee8f&visibleLayoutElements%5Be327299f-f053-40a5-bd8e-ae6810a1b3cc%5D%5B%5D=b0faaad0-d2f4-41e5-bed1-9ccd700862ef&visibleLayoutElements%5Be6fb2dff-ef99-4560-b310-1f93138f7360%5D%5B%5D=2d6ad3d8-5b30-4a2f-b9be-8e8ca6a6627f&visibleLayoutElements%5Be6fb2dff-ef99-4560-b310-1f93138f7360%5D%5B%5D=b6bd7012-89cf-4308-aa86-c91a6fc25b37&visibleLayoutElements%5Be6fb2dff-ef99-4560-b310-1f93138f7360%5D%5B%5D=bbfc4eb1-8456-4185-abf8-37fb18234e73&visibleLayoutElements%5Be6fb2dff-ef99-4560-b310-1f93138f7360%5D%5B%5D=d24e5e49-0514-43a9-93f9-77fff0354a1a&visibleLayoutElements%5Be6fb2dff-ef99-4560-b310-1f93138f7360%5D%5B%5D=9f196c56-afd4-44f4-83e7-8b6622aac412&visibleLayoutElements%5Be6fb2dff-ef99-4560-b310-1f93138f7360%5D%5B%5D=b7a2c4f6-7740-4f7d-a548-b49b5b8e39ba&visibleLayoutElements%5B10eb3275-23dc-4096-8126-b77dbc6abe3a%5D%5B%5D=cd27a635-3f13-402b-96dc-99235ac839fc&visibleLayoutElements%5B10eb3275-23dc-4096-8126-b77dbc6abe3a%5D%5B%5D=a0fe1a16-0bc4-4153-986e-bf54163a0645&visibleLayoutElements%5B10eb3275-23dc-4096-8126-b77dbc6abe3a%5D%5B%5D=8012368e-73da-4940-9669-f3c3c260c15c&visibleLayoutElements%5B10eb3275-23dc-4096-8126-b77dbc6abe3a%5D%5B%5D=2d521601-976d-4f40-bdec-3b9dee8df48b&visibleLayoutElements%5B10eb3275-23dc-4096-8126-b77dbc6abe3a%5D%5B%5D=bd563028-2213-46be-83c9-32eded19ab7f&selectedTab=tab01--content&action=elements/save-draft",
"method": "post",
"url": "https://www.chesapeakebay.net/index.php?p=cms%2Factions%2Felements%2Fsave-draft",
"params": {
"v": 1701102462416
}
},
"code": "ERR_BAD_REQUEST",
"status": 403
}
NETWORK: In the network response, the parenthesis are not encoded
Update: The parenthesis only seem to be a problem when they are copy/pasted in from another source. Sometimes this bug does not happen immediately upon pasting into the entry. Sometimes it also happens when editors return to an entry that originally had saved pasted parenthesis and they try to make a change. No matter what the change is (manual write or copy/paste, parenthesis involved or not), the error is thrown and all of the parenthesis in the text need to be removed in order for the entry to save again.
Updating for anyone following- this issue has been resolved.
It turns out it was an issue with WAF rules on the hosting side. The text that was being blocked was "...System (...)" the word 'system' followed by an open and closed parenthesis. This triggered the PHPHighRiskMethodsVariables_BODY rule we had from AWS because it matched the system() PHP function pattern. We disabled that rule and the entries save fine.
This issue can be closed.
