[TYPO3-core] RFC: Bug #15311: t3lib_div::sanitizeLocalUrl() leads to fatal error on PHP4 systems
Oliver Hader
oliver at typo3.org
Tue Aug 3 16:45:30 CEST 2010
FYI: Committed to TYPO3_4-1 (rev. 8472)
olly
Am 03.08.10 16:16, schrieb Oliver Hader:
> Hi Jigal,
>
> Am 02.08.10 23:05, schrieb Jigal van Hemert:
>> Oliver Hader wrote:
>>> Solution:
>>> Remove the unicode character classes in the regular expression and
>>> replace them by regular plain classes. Besides that, the host name will
>>
>> If I read the code correctly it only wants to check for not alphanumeric
>> characters plus a few symbols and if it fails the url (part) is replaced
>> with an empty string.
>>
>> What if we use t3lib_cs::specCharsToASCII('utf-8', $url) first? This
>> will convert character to one or more ASCII characters, but they will
>> remain in the categories we wanted to check; it will not convert symbols
>> to numbers or letters.
>>
>> After conversion we can use the low-ascii regexps to validate the url
>> (parts).
>
> Mh, good one! I changed the patch to implement your suggestion.
> With v3 of the patch URLs like http://myhost.com/äöü/typo3/ are possible
> again...
>
> olly
--
Oliver Hader
TYPO3 v4 Core Team Leader
More information about the TYPO3-team-core
mailing list