[MDL-30005] revert too strict URL cleaning in mod/url - Moodle Tracker

Details

Type: Bug
Status: Closed
Priority: Blocker
Resolution: Fixed
Affects Version/s: 2.0.5, 2.1.2, 2.2
Fix Version/s: 2.0.6, 2.1.3
Component/s: Resource
Labels:
None

Testing Instructions:

Hide

1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes
2/ edit 'url' table - set external url to '' and 'https://' - verify the error message
3/ run tests from mod/url/simpletest/testlib.php

Show
1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes 2/ edit 'url' table - set external url to '' and 'https://' - verify the error message 3/ run tests from mod/url/simpletest/testlib.php
Affected Branches:
MOODLE_20_STABLE, MOODLE_21_STABLE, MOODLE_22_STABLE
Fixed Branches:
MOODLE_20_STABLE, MOODLE_21_STABLE
Pull from Repository:
git://github.com/skodak/moodle.git
Pull Master Branch:
w43_~~MDL-30005~~_m22_uri
Pull Master Diff URL:
https://github.com/skodak/moodle/compare/master...w43_MDL-30005_m22_uri

Description

The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

We should not use PARAM_URL because it is too strict which breaks backwards compatibility, technically we previously supported general URIs, not just web URLs.

Gliffy Diagrams

Attachments

Issue Links

has a non-specific relationship to

MDL-20509 "http://" content in "add link" text box can be confusing

Closed

is a regression caused by

MDL-28483 adding URL resource without an url leads to error

Closed

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Petr Skoda added a comment - 30/Oct/11 5:09 PM

also we have the following

if (!empty($data->externalurl) && (strpos($data->externalurl, '://') === false) && (strpos($data->externalurl, '/', 0) === false)) {

    $data->externalurl = 'http://'.$data->externalurl;

that tires to fix stuff for us, it needs changes too though...

Show

Petr Skoda added a comment - 30/Oct/11 5:09 PM also we have the following if (!empty($data->externalurl) && (strpos($data->externalurl, '://') === false) && (strpos($data->externalurl, '/', 0) === false)) { $data->externalurl = 'http://'.$data->externalurl; } that tires to fix stuff for us, it needs changes too though...

Hide

Permalink

Petr Skoda added a comment - 30/Oct/11 9:57 PM

I am going to improve the handling of html entities a bit more

Show

Petr Skoda added a comment - 30/Oct/11 9:57 PM I am going to improve the handling of html entities a bit more

Hide

Permalink

Petr Skoda added a comment - 31/Oct/11 12:39 AM

done, hopefully now works as our teachers expect it...

Show

Petr Skoda added a comment - 31/Oct/11 12:39 AM done, hopefully now works as our teachers expect it...

Hide

Permalink

Petr Skoda added a comment - 31/Oct/11 6:56 AM

I have updated the repos once more, sorry...

Show

Petr Skoda added a comment - 31/Oct/11 6:56 AM I have updated the repos once more, sorry...

Hide

Permalink

Aparup Banerjee added a comment - 31/Oct/11 3:21 PM

Thank you, this has been integrated now.

tester: please test with various URLs and strange (custom?) ones too.

Show

Aparup Banerjee added a comment - 31/Oct/11 3:21 PM Thank you, this has been integrated now. tester: please test with various URLs and strange (custom?) ones too.

Hide

Permalink

Michael de Raadt added a comment - 01/Nov/11 12:01 PM - edited

I was able to create regular protocol://url urls, but when I tried a mailto : email and skype:id, it produced an error...

Warning: preg_match() expects parameter 2 to be string, object given in D:\xampp\htdocs\moodle_testing\mod\url\locallib.php on line 92

Show

Michael de Raadt added a comment - 01/Nov/11 12:01 PM - edited I was able to create regular protocol://url urls, but when I tried a mailto : email and skype:id , it produced an error... Warning: preg_match() expects parameter 2 to be string, object given in D:\xampp\htdocs\moodle_testing\mod\url\locallib.php on line 92

Hide

Permalink

Petr Skoda added a comment - 01/Nov/11 3:06 PM

ooops, sorry for the sloppy copy pasting, branches updated...

Show

Petr Skoda added a comment - 01/Nov/11 3:06 PM ooops, sorry for the sloppy copy pasting, branches updated...

Hide

Permalink

Petr Skoda added a comment - 01/Nov/11 3:16 PM

I have also noticed the 20 integration branch is missing the version bump from my branch, that will be hopefully fixed during the merge too.

Show

Petr Skoda added a comment - 01/Nov/11 3:16 PM I have also noticed the 20 integration branch is missing the version bump from my branch, that will be hopefully fixed during the merge too.

Hide

Permalink

Aparup Banerjee added a comment - 01/Nov/11 3:33 PM - edited

thanks, changes integrated. up for testing again. (including version bump)

Show

Aparup Banerjee added a comment - 01/Nov/11 3:33 PM - edited thanks, changes integrated. up for testing again. (including version bump)

Hide

Permalink

Adrian Greeve added a comment - 01/Nov/11 4:55 PM

tested with 2.2, 2.2, 2.0 All worked fine.

Show

Adrian Greeve added a comment - 01/Nov/11 4:55 PM tested with 2.2, 2.2, 2.0 All worked fine.

Hide

Permalink

Eloy Lafuente (stronk7) added a comment - 03/Nov/11 3:33 AM

And this has been sent upstream (already available @ git and cvs repos). Many, many thanks!

Closing as fixed, ciao

Show

Eloy Lafuente (stronk7) added a comment - 03/Nov/11 3:33 AM And this has been sent upstream (already available @ git and cvs repos). Many, many thanks! Closing as fixed, ciao

People

Assignee:

Petr Skoda

Reporter:

Petr Skoda

Integrator:

Aparup Banerjee

Tester:

Adrian Greeve

Participants:

Adrian Greeve, Aparup Banerjee, Eloy Lafuente (stronk7), Michael de Raadt, Petr Skoda

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

30/Oct/11 4:23 PM

Updated:

03/Nov/11 3:33 AM

Resolved:

03/Nov/11 3:33 AM

Fix Release Date:

28/Nov/11