IFTTT with Google Calendar: description parameter triggering an error "Action failure message: Illegal characters in parameters"
-
Hi,
I'm trying out an integration where I want to pass the description of a matching calendar event to a local script, so it can parse it for an obsidian URL to open.
in IFTTT, I ask the applet to just pass the Description as a parameter.
The activity log shows this error: Action failure message: Illegal characters in parameters
The description is:
open obsidian://open?vault=main&file=4%20Archives%2FPKB%2FPeople
So lots of potential for illegal characters there
Is there a way to ask IFTTT to encode the description in a way that TriggerCMD will accept? -
@Thomas-Vander-Stichele, you could try checking this checkbox in your user profile:
Log into your TRIGGERcmd account, then click your name in the upper-right and click Profile to open your profile page.
-
@Russ is there a good reason this is opt in rather than always the case?
-
@Russ Thank you, that worked! Had no idea that option was there. I couldn't find it in the documentation for IFTTT - might make sense to add it?
I also had to add double quotes in the IFTTT config around description, otherwise bash would drop everything after & when spawning the command.
-
@Steve-Lee, good question. The reason those characters are blocked by default is for security. If a hacker got ahold of your account and you have those characters enabled, they could use parameters to run arbitrary commands.
-
@Russ blimey, cross site scripting vulnerability!?
-
@Steve-Lee, no I mean if you have those characters enabled, you could put a whole command in the parameters field and run a second command, like this:
russ@linux:~$ echo hi & echo russ [1] 72 russ hi -
@Russ yeah, I meant similar to XSS really - untrusted input getting passed and parsed
And no way to escape. Thanks for explanation. -
R Russ moved this topic from API on Jan 9, 2024, 11:38 PM