console - organisation name containing non ascii char breaks SP

[fvanderbiest]

We recently had this issue where an org name contained a French quote (like Communauté de Communes de la Région dʼA) and this broke user access to the platform, since the SP was not able to cope with it.

[pmauduit]

That is not exactly the SP which cannot cope with it: it only takes the values from the OpenLDAP (where the strings can be stored in whatever charset) and put them in the HTTP headers.

This post on stackoverflow is quite interesting and well sourced on the topic: https://stackoverflow.com/questions/4400678/what-character-encoding-should-i-use-for-a-http-header but they advise to use plain ASCII chars in the http headers (even if the specs specifies that ISO-8859 chars are ok, which might explain that the "é" accented chars are ok, but clearly the "apostrophe française" was too much to pass through and reach some touchy proxyfied servers).

In our case, the georchestra webapps (jetty) were OK with the seg-orgname headers, but the Apache HTTP2 which hosts a drupal CMS was not.

[pmauduit]

Back to the issue, I see two things:

• either normalize the string before adding the headers
• either avoid (in the console UI ? server-side in the console code ?) having unicorns emojis in the organization names ;-)

[fvanderbiest]

I think we should avoid having these in the LDAP, which means having a string validator in the console UI and backend.