Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-30005

revert too strict URL cleaning in mod/url

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 2.0.5, 2.1.2, 2.2
    • Fix Version/s: 2.0.6, 2.1.3
    • Component/s: Resource
    • Labels:
      None
    • Testing Instructions:
      Hide

      1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes
      2/ edit 'url' table - set external url to '' and 'https://' - verify the error message
      3/ run tests from mod/url/simpletest/testlib.php

      Show
      1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes 2/ edit 'url' table - set external url to '' and 'https://' - verify the error message 3/ run tests from mod/url/simpletest/testlib.php
    • Affected Branches:
      MOODLE_20_STABLE, MOODLE_21_STABLE, MOODLE_22_STABLE
    • Fixed Branches:
      MOODLE_20_STABLE, MOODLE_21_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      w43_MDL-30005_m22_uri
    • Pull Master Diff URL:

      Description

      The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

      We should not use PARAM_URL because it is too strict which breaks backwards compatibility, technically we previously supported general URIs, not just web URLs.

        Attachments

          Issue Links

          has a non-specific relationship to

          Sub-task - Issues are sometimes broken into multiple sub-tasks. MDL-20509 "http://" content in "add link" text box can be confusing

          • Minor - Minor loss of function where workaround is possible
          • Closed
          is a regression caused by

          Bug - A problem which impairs or prevents Moodle from functioning correctly. MDL-28483 adding URL resource without an url leads to error

          • Critical - Crashes server, loss of data, severe memory leak
          • Closed

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  28/Nov/11