If I have a Maps template, e.g., #coordinates: on page, when I try to use the Visual Editor for that page, I get "Error contacting the Parsoid/RESTBase server (HTTP 500)" when I try to save the page. A page with nothing but {{#coordinates:37.8012055000000089,-122.2531170280909976}} shows the problem.
The error.log ends up with a bunch of things in it along the lines of:
[Mon Jul 11 18:05:01.677269 2022] [:error] [pid 329230:tid 3645043091200] [client xx.xx.xx.xx:52242] [client xx.xx.xx.xx] ModSecurity: Warning. Pattern match "(?:;|\\\\{|\\\\||\\\\|\\\\||&|&&|\\\\n|\\\\r|\\\\$\\\\(|\\\\$\\\\(\\\\(|`|\\\\${|<\\\\(|>\\\\(|\\\\(\\\\s*\\\\))\\\\s*(?:{|\\\\s*\\\\(\\\\s*|\\\\w+=(?:[^\\\\s]*|\\\\$.*|\\\\$.*|<.*|>.*|\\\\'.*\\\\'|\\".*\\")\\\\s+|!\\\\s*|\\\\$)*\\\\s*(?:'|\\")*(?:[\\\\?\\\\*\\\\[\\\\]\\\\(\\\\)\\\\-\\\\|+\\\\w'\\"\\\\./\\\\\\\\]+/)?[\\\\\\\\'\\"]*(?:l[\\\\\\\\'\\"]* ..." at ARGS:html. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "122"] [id "932100"] [msg "Remote Command Execution: Unix Command Injection"] [data "Matched Data: ;function found within ARGS:html: <!doctype html><html prefix=\\x22dc: http://purl.org/dc/terms/ mw: http://mediawiki.org/rdf/\\x22 about=\\x22https://wiki.ouroakland.net/Special:Redirect/revision/427\\x22><head prefix=\\x22mwr: https://wiki.ouroakland.net/Special:Redirect/\\x22><meta charset=\\x22utf-8\\x22><meta property=\\x22mw:pageId\\x22 content=\\x22121\\x22><meta property=\\x22mw:pageNamespace\\x22 content=\\x220\\x22><link rel=\\x22dc:replaces\\x22 resource=\\x22mwr:revision/0\\x22><meta property=\\x22m..."] [severity "CRITICAL"] [ver "OWASP_ [hostname "wiki.ouroakland.net"] [uri "/oaklandwiki/rest.php/wiki.ouroakland.net/v3/transform/html/to/wikitext/TestMaps/427"] [unique_id "YszIvUki-DtamwvGJ51NqgAAAAo"]
I can provide more log info if that is helpful.
thanks,
Gene