Moodle
  1. Moodle
  2. MDL-30005

revert too strict URL cleaning in mod/url

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Blocker Blocker
    • Resolution: Fixed
    • Affects Version/s: 2.0.5, 2.1.2, 2.2
    • Fix Version/s: 2.0.6, 2.1.3
    • Component/s: Resource
    • Labels:
      None
    • Testing Instructions:
      Hide

      1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes
      2/ edit 'url' table - set external url to '' and 'https://' - verify the error message
      3/ run tests from mod/url/simpletest/testlib.php

      Show
      1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes 2/ edit 'url' table - set external url to '' and 'https://' - verify the error message 3/ run tests from mod/url/simpletest/testlib.php
    • Affected Branches:
      MOODLE_20_STABLE, MOODLE_21_STABLE, MOODLE_22_STABLE
    • Fixed Branches:
      MOODLE_20_STABLE, MOODLE_21_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      w43_MDL-30005_m22_uri
    • Rank:
      19549

      Description

      The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

      We should not use PARAM_URL because it is too strict which breaks backwards compatibility, technically we previously supported general URIs, not just web URLs.

        Issue Links

          Activity

          Petr Škoda created issue -
          Petr Škoda made changes -
          Field Original Value New Value
          Fix Version/s 2.0.6 [ 11250 ]
          Fix Version/s 2.1.3 [ 11251 ]
          Priority Minor [ 4 ] Blocker [ 1 ]
          Assignee moodle.com [ moodle.com ] Petr Škoda (skodak) [ skodak ]
          Petr Škoda made changes -
          Link This issue is a regression caused by MDL-28483 [ MDL-28483 ]
          Petr Škoda made changes -
          Description The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

          Simply we can not use PARAM_URL because it is too strict.
          The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

          Simply we can not use PARAM_URL because it is too strict which breaks backwards compatibility.
          Petr Škoda made changes -
          Description The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

          Simply we can not use PARAM_URL because it is too strict which breaks backwards compatibility.
          The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

          We should not use PARAM_URL because it is too strict which breaks backwards compatibility.
          Petr Škoda made changes -
          Description The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

          We should not use PARAM_URL because it is too strict which breaks backwards compatibility.
          The problem is we allow not only http and https, but also people do not understand that they must use encoded entities.

          We should not use PARAM_URL because it is too strict which breaks backwards compatibility, technically we previously supported general URIs, not just web URLs.
          Petr Škoda made changes -
          Status Open [ 1 ] Waiting for integration review [ 10010 ]
          Pull Master Diff URL https://github.com/skodak/moodle/compare/master...w43_MDL-30005_m22_uri
          Pull Master Branch w43_MDL-30005_m22_uri
          Pull 2.0 Diff URL https://github.com/skodak/moodle/compare/MOODLE_20_STABLE...w43_MDL-30005_m20_uri
          Pull from Repository git://github.com/skodak/moodle.git
          Pull 2.0 Branch w43_MDL-30005_m20_uri
          Testing Instructions 1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes
          2/ edit 'url' table - set external url to '' and 'https://' - verify the error message
          Pull 2.1 Branch w43_MDL-30005_m21_uri
          Pull 2.1 Diff URL https://github.com/skodak/moodle/compare/MOODLE_21_STABLE...w43_MDL-30005_m21_uri
          Petr Škoda made changes -
          Status Waiting for integration review [ 10010 ] Reopened [ 4 ]
          Petr Škoda made changes -
          Status Reopened [ 4 ] Development in progress [ 3 ]
          Petr Škoda made changes -
          Status Development in progress [ 3 ] Waiting for integration review [ 10010 ]
          Testing Instructions 1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes
          2/ edit 'url' table - set external url to '' and 'https://' - verify the error message
          1/ create new url resource - try various valid and invalid URLs and general URIs, use different display modes
          2/ edit 'url' table - set external url to '' and 'https://' - verify the error message
          3/ run tests from mod/url/simpletest/testlib.php
          Sam Hemelryk made changes -
          Currently in integration Yes
          Aparup Banerjee made changes -
          Status Waiting for integration review [ 10010 ] Integration review in progress [ 10004 ]
          Integrator nebgor
          Aparup Banerjee made changes -
          Link This issue has a non-specific relationship to MDL-20509 [ MDL-20509 ]
          Aparup Banerjee made changes -
          Status Integration review in progress [ 10004 ] Waiting for testing [ 10005 ]
          Affects Version/s 2.2 [ 10656 ]
          Michael de Raadt made changes -
          Status Waiting for testing [ 10005 ] Testing in progress [ 10011 ]
          Tester salvetore
          Michael de Raadt made changes -
          Status Testing in progress [ 10011 ] Problem during testing [ 10007 ]
          Aparup Banerjee made changes -
          Status Problem during testing [ 10007 ] Integration review in progress [ 10004 ]
          Aparup Banerjee made changes -
          Status Integration review in progress [ 10004 ] Waiting for testing [ 10005 ]
          Adrian Greeve made changes -
          Status Waiting for testing [ 10005 ] Testing in progress [ 10011 ]
          Tester salvetore abgreeve
          Adrian Greeve made changes -
          Status Testing in progress [ 10011 ] Tested [ 10006 ]
          Eloy Lafuente (stronk7) made changes -
          Status Tested [ 10006 ] Closed [ 6 ]
          Resolution Fixed [ 1 ]
          Currently in integration Yes [ 10041 ]
          Integration date 02/Nov/11

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: