Moodle
  1. Moodle
  2. MDL-30005

revert too strict URL cleaning in mod/url

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Blocker Blocker
    • Resolution: Fixed
    • Affects Version/s: 2.0.5, 2.1.2, 2.2
    • Fix Version/s: 2.0.6, 2.1.3
    • Component/s: Resource
    • Labels:
      None
    • Testing Instructions:
      Hide

      1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes
      2/ edit 'url' table - set external url to '' and 'https://' - verify the error message
      3/ run tests from mod/url/simpletest/testlib.php

      Show
      1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes 2/ edit 'url' table - set external url to '' and 'https://' - verify the error message 3/ run tests from mod/url/simpletest/testlib.php
    • Affected Branches:
      MOODLE_20_STABLE, MOODLE_21_STABLE, MOODLE_22_STABLE
    • Fixed Branches:
      MOODLE_20_STABLE, MOODLE_21_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      w43_MDL-30005_m22_uri

      Description

      The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

      We should not use PARAM_URL because it is too strict which breaks backwards compatibility, technically we previously supported general URIs, not just web URLs.

        Gliffy Diagrams

          Issue Links

            Activity

            Petr Skoda created issue -
            Petr Skoda made changes -
            Field Original Value New Value
            Fix Version/s 2.0.6 [ 11250 ]
            Fix Version/s 2.1.3 [ 11251 ]
            Priority Minor [ 4 ] Blocker [ 1 ]
            Assignee moodle.com [ moodle.com ] Petr Škoda (skodak) [ skodak ]
            Petr Skoda made changes -
            Link This issue is a regression caused by MDL-28483 [ MDL-28483 ]
            Petr Skoda made changes -
            Description The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

            Simply we can not use PARAM_URL because it is too strict.
            The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

            Simply we can not use PARAM_URL because it is too strict which breaks backwards compatibility.
            Petr Skoda made changes -
            Description The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

            Simply we can not use PARAM_URL because it is too strict which breaks backwards compatibility.
            The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

            We should not use PARAM_URL because it is too strict which breaks backwards compatibility.
            Petr Skoda made changes -
            Description The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

            We should not use PARAM_URL because it is too strict which breaks backwards compatibility.
            The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

            We should not use PARAM_URL because it is too strict which breaks backwards compatibility, technically we previously supported general URIs, not just web URLs.
            Petr Skoda made changes -
            Status Open [ 1 ] Waiting for integration review [ 10010 ]
            Pull Master Diff URL https://github.com/skodak/moodle/compare/master...w43_MDL-30005_m22_uri
            Pull Master Branch w43_MDL-30005_m22_uri
            Pull 2.0 Diff URL https://github.com/skodak/moodle/compare/MOODLE_20_STABLE...w43_MDL-30005_m20_uri
            Pull from Repository git://github.com/skodak/moodle.git
            Pull 2.0 Branch w43_MDL-30005_m20_uri
            Testing Instructions 1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes
            2/ edit 'url' table - set external url to '' and 'https://' - verify the error message
            Pull 2.1 Branch w43_MDL-30005_m21_uri
            Pull 2.1 Diff URL https://github.com/skodak/moodle/compare/MOODLE_21_STABLE...w43_MDL-30005_m21_uri
            Petr Skoda made changes -
            Status Waiting for integration review [ 10010 ] Reopened [ 4 ]
            Petr Skoda made changes -
            Status Reopened [ 4 ] Development in progress [ 3 ]
            Petr Skoda made changes -
            Status Development in progress [ 3 ] Waiting for integration review [ 10010 ]
            Testing Instructions 1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes
            2/ edit 'url' table - set external url to '' and 'https://' - verify the error message
            1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes
            2/ edit 'url' table - set external url to '' and 'https://' - verify the error message
            3/ run tests from mod/url/simpletest/testlib.php
            Sam Hemelryk made changes -
            Currently in integration Yes
            Aparup Banerjee made changes -
            Status Waiting for integration review [ 10010 ] Integration review in progress [ 10004 ]
            Integrator nebgor
            Aparup Banerjee made changes -
            Link This issue has a non-specific relationship to MDL-20509 [ MDL-20509 ]
            Aparup Banerjee made changes -
            Status Integration review in progress [ 10004 ] Waiting for testing [ 10005 ]
            Affects Version/s 2.2 [ 10656 ]
            Michael de Raadt made changes -
            Status Waiting for testing [ 10005 ] Testing in progress [ 10011 ]
            Tester salvetore
            Michael de Raadt made changes -
            Status Testing in progress [ 10011 ] Problem during testing [ 10007 ]
            Aparup Banerjee made changes -
            Status Problem during testing [ 10007 ] Integration review in progress [ 10004 ]
            Aparup Banerjee made changes -
            Status Integration review in progress [ 10004 ] Waiting for testing [ 10005 ]
            Adrian Greeve made changes -
            Status Waiting for testing [ 10005 ] Testing in progress [ 10011 ]
            Tester salvetore abgreeve
            Adrian Greeve made changes -
            Status Testing in progress [ 10011 ] Tested [ 10006 ]
            Eloy Lafuente (stronk7) made changes -
            Status Tested [ 10006 ] Closed [ 6 ]
            Resolution Fixed [ 1 ]
            Currently in integration Yes [ 10041 ]
            Integration date 02/Nov/11

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: