Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-30005

revert too strict URL cleaning in mod/url

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Blocker Blocker
    • 2.0.6, 2.1.3
    • 2.0.5, 2.1.2, 2.2
    • Resource
    • None
    • MOODLE_20_STABLE, MOODLE_21_STABLE, MOODLE_22_STABLE
    • MOODLE_20_STABLE, MOODLE_21_STABLE
    • w43_MDL-30005_m22_uri
    • Hide

      1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes
      2/ edit 'url' table - set external url to '' and 'https://' - verify the error message
      3/ run tests from mod/url/simpletest/testlib.php

      Show
      1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes 2/ edit 'url' table - set external url to '' and 'https://' - verify the error message 3/ run tests from mod/url/simpletest/testlib.php

      The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

      We should not use PARAM_URL because it is too strict which breaks backwards compatibility, technically we previously supported general URIs, not just web URLs.

            skodak Petr Skoda
            skodak Petr Skoda
            Aparup Banerjee Aparup Banerjee
            Adrian Greeve Adrian Greeve
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.