search

statamic / cms

The core Laravel CMS Composer package
https://statamic.com
Other
4.05k stars 530 forks source link

Contact form created invalid UTF-8 data in YAML which broke control panel #6860

Closed brendanfalkowski closed 10 months ago

brendanfalkowski commented 2 years ago

Bug description

A client reported they couldn't login to their control panel. Just getting 500 error on /cp/dashboard.

I updated my local repo + updated Statamic + re-deployed. Same thing.

Found this in logs:

[2022-10-11 01:05:34] production.ERROR: The YAML value does not appear to be valid UTF-8. {"userId":"ffae2ce4-c4a1-43a3-a58e-ee417c84fdbe","exception":"[object] (Statamic\\Yaml\\ParseException(code: 0): The YAML value does not appear to be valid UTF-8. at /home/forge/savoirfaireacappela.com.com/storage/statamic/tmp/yaml/9e81f4fe098a5ade56f8d6752592bd93:-1)

Checked all the recent changes, and didn't see anything wrong in content. Happened to manually try /cp/login and it rendered a 404. Realized only /cp/dashboard was failing, and it's because I included the "contact form" widget.

There were 680 junky form submissions, and one of them introduced invalid UTF-8 content somehow. Deleted them all on the server, and that resolved it.

I have a backup if you want to figure out what the invalid entry was. No idea how long ago this started happening. I didn't see anything visibly wrong in the last 20 submissions, and I stopped there.

How to reproduce

In theory, submit non-UTF-8 content in a form. Include the form submissions widget on the CP dashboard.

Note: I also couldn't access the "forms" CP area while this data existed on the server.

Logs

No response

Environment

Environment
Application Name: Savoir Faire A Cappella
Laravel Version: 9.23.0
PHP Version: 8.1.8
Composer Version: 2.4.2
Environment: production
Debug Mode: OFF
URL: savoirfaireacappella.com
Maintenance Mode: OFF

Cache
Config: NOT CACHED
Events: NOT CACHED
Routes: NOT CACHED
Views: CACHED

Drivers
Broadcasting: log
Cache: statamic
Database: mysql
Logs: stack / single
Mail: postmark
Queue: sync
Session: file

Statamic
Addons: 0
Antlers: regex
Version: 3.3.43 Solo

Installation

Fresh statamic/statamic site via CLI

Antlers Parser

No response

Additional details

No response

jasonvarga commented 2 years ago

Yeah if you could send us the backup that'd be great.

brendanfalkowski commented 2 years ago

Just emailed support@ with a ZIP of the YAML submissions + log file. The form entries might contain some user data, so don't want to dump publicly.

There were a few Postmark warnings which I initially thought were the problem, but those haven't resurfaced after removing all the YAML files from "storage/forms/contact"

Note: I didn't see any "binary" entries in these YAML files. That seemed to be a way to force the UTF-8 problem as reported in this issue: https://github.com/statamic/cms/issues/2574

jasonvarga commented 2 years ago

Found the issue, and it was some weird windows character encoded character that broke it.

I'm not sure how to deal with that situation as I couldn't even figure out how to paste that character in a form submission in order to break it myself.

But, we should definitely make it so that one bad submission doesn't prevent the entire listing from loading.