Before reporting an issue

[X] I have searched existing issues
[X] I have reproduced the issue with the latest release

Area

admin/ui

Describe the bug

First I apologize for not being able to test this on the newest version. The version tested was 20.0.1 and I think this is still applicable to the newest release as well. I am not able to perform an installation easy in my work environment so I don't have the newest version to test against.

During testing, we determined that it was possible to create Realm names that had invalid characters and subsequently couldn't be deleted. The simplest way to reproduce this issue is by doing the following steps:

1.) Create a new realm with the name "%22"
2.) Once created, go into the realm settings
3.) Attempt to delete the Realm using the UI
4.) Observe error response from KeyCloak UI

I believe this is because deletions are done using the DELETE method against the realm name within the URL, which won't accept these invalid characters. The input for the realm name needs to therefore be adjusted to disallow invalid URL characters, or the deletion needs to be modified to allow deletions to be performed using others mechanisms besides the realm name on the URL.

Version

20.0.1

Expected behavior

We would be able to delete the realms created with the incorrect characters

Actual behavior

We are unable to delete the realms with the incorrect characters

How to Reproduce?

1.) Create a new realm with the name "%22"
2.) Once created, go into the realm settings
3.) Attempt to delete the Realm using the UI
4.) Observe error response from KeyCloak UI

Anything else?

No further items.