Interest Article

[Advisory] Bug in codename filtering feature with handling Unicode characters

July 18, 2022

SecureDrop 2.3.0 introduced a new preference to prevent initial submissions that consist only of a source’s seven word codename. Due to an implementation error, when this feature is active, initial messages containing Unicode characters will result in a server error.

We will issue a bugfix release later this month.

This preference is off by default. If you have enabled it, we recommend temporarily disabling it. This can be done in the administrative section of the Journalist Interface. Please see our documentation for details.

We will post an update when the issue has been resolved. We apologize for the inconvenience.

Return to News