Fixed parse_url() for better compliance with RFC3986

author Julien Pauli <jpauli@php.net>

Tue, 21 Jun 2016 10:45:49 +0000 (12:45 +0200)

committer Julien Pauli <jpauli@php.net>

Wed, 22 Jun 2016 12:05:25 +0000 (14:05 +0200)
author Julien Pauli <jpauli@php.net>
Tue, 21 Jun 2016 10:45:49 +0000 (12:45 +0200)
committer Julien Pauli <jpauli@php.net>
Wed, 22 Jun 2016 12:05:25 +0000 (14:05 +0200)
diff --git a/ext/standard/tests/url/parse_url_basic_001.phpt b/ext/standard/tests/url/parse_url_basic_001.phpt

index e482566b889cd01c14ffd2e21752aed4042f87e9..2d41ba9c457254172deb9c7bd86941f999d75ece 100644 (file)
--- a/ext/standard/tests/url/parse_url_basic_001.phpt
+++ b/ext/standard/tests/url/parse_url_basic_001.phpt
@@ -608,6 +608,21 @@ echo "Done";
    string(12) "bar=1&boom=0"
  }
  
+--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0: array(6) {
+  ["scheme"]=>
+  string(4) "http"
+  ["host"]=>
+  string(15) "www.example.com"
+  ["port"]=>
+  int(8080)
+  ["user"]=>
+  string(11) "user_me-you"
+  ["pass"]=>
+  string(11) "my_pas-word"
+  ["query"]=>
+  string(12) "bar=1&boom=0"
+}
+
  --> file:///path/to/file: array(2) {
    ["scheme"]=>
    string(4) "file"
diff --git a/ext/standard/tests/url/parse_url_basic_002.phpt b/ext/standard/tests/url/parse_url_basic_002.phpt

index b68a82f4a9d5a8d9c05b01a9ea2c3a97f1832423..476b897168770ebcb3636c05b1e89181607e1a8a 100644 (file)
--- a/ext/standard/tests/url/parse_url_basic_002.phpt
+++ b/ext/standard/tests/url/parse_url_basic_002.phpt
@@ -80,6 +80,7 @@ echo "Done";
  --> /foo.php?a=b&c=d   : NULL
  --> foo.php?a=b&c=d   : NULL
  --> http://user:passwd@www.example.com:8080?bar=1&boom=0   : string(4) "http"
+--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0   : string(4) "http"
  --> file:///path/to/file   : string(4) "file"
  --> file://path/to/file   : string(4) "file"
  --> file:/path/to/file   : string(4) "file"
diff --git a/ext/standard/tests/url/parse_url_basic_003.phpt b/ext/standard/tests/url/parse_url_basic_003.phpt

index 19ee322feb3db542d5fec7ea0029597000e5645f..c7f3d9944115b11a5d3b2e1dc4978aeeb2e794ec 100644 (file)
--- a/ext/standard/tests/url/parse_url_basic_003.phpt
+++ b/ext/standard/tests/url/parse_url_basic_003.phpt
@@ -79,6 +79,7 @@ echo "Done";
  --> /foo.php?a=b&c=d   : NULL
  --> foo.php?a=b&c=d   : NULL
  --> http://user:passwd@www.example.com:8080?bar=1&boom=0   : string(15) "www.example.com"
+--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0   : string(15) "www.example.com"
  --> file:///path/to/file   : NULL
  --> file://path/to/file   : string(4) "path"
  --> file:/path/to/file   : NULL
diff --git a/ext/standard/tests/url/parse_url_basic_004.phpt b/ext/standard/tests/url/parse_url_basic_004.phpt

index e26b3976fc90ca5d4066738f2384f925ebefad0d..3cfb345f943b5851165cea53966c1f0b43561fa4 100644 (file)
--- a/ext/standard/tests/url/parse_url_basic_004.phpt
+++ b/ext/standard/tests/url/parse_url_basic_004.phpt
@@ -79,6 +79,7 @@ echo "Done";
  --> /foo.php?a=b&c=d   : NULL
  --> foo.php?a=b&c=d   : NULL
  --> http://user:passwd@www.example.com:8080?bar=1&boom=0   : int(8080)
+--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0   : int(8080)
  --> file:///path/to/file   : NULL
  --> file://path/to/file   : NULL
  --> file:/path/to/file   : NULL
diff --git a/ext/standard/tests/url/parse_url_basic_005.phpt b/ext/standard/tests/url/parse_url_basic_005.phpt

index df2095a949352eb74db9c8fa08d30917ee1d09b4..602bd60c0ad911beb212651e651dd538377569ee 100644 (file)
--- a/ext/standard/tests/url/parse_url_basic_005.phpt
+++ b/ext/standard/tests/url/parse_url_basic_005.phpt
@@ -79,6 +79,7 @@ echo "Done";
  --> /foo.php?a=b&c=d   : NULL
  --> foo.php?a=b&c=d   : NULL
  --> http://user:passwd@www.example.com:8080?bar=1&boom=0   : string(4) "user"
+--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0   : string(11) "user_me-you"
  --> file:///path/to/file   : NULL
  --> file://path/to/file   : NULL
  --> file:/path/to/file   : NULL
diff --git a/ext/standard/tests/url/parse_url_basic_006.phpt b/ext/standard/tests/url/parse_url_basic_006.phpt

index 4c79e8dcb22d3a299d0a795c8caac0749f6397c1..69b7914258e41276e5ec43bb407123761119183b 100644 (file)
--- a/ext/standard/tests/url/parse_url_basic_006.phpt
+++ b/ext/standard/tests/url/parse_url_basic_006.phpt
@@ -79,6 +79,7 @@ echo "Done";
  --> /foo.php?a=b&c=d   : NULL
  --> foo.php?a=b&c=d   : NULL
  --> http://user:passwd@www.example.com:8080?bar=1&boom=0   : string(6) "passwd"
+--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0   : string(11) "my_pas-word"
  --> file:///path/to/file   : NULL
  --> file://path/to/file   : NULL
  --> file:/path/to/file   : NULL
diff --git a/ext/standard/tests/url/parse_url_basic_007.phpt b/ext/standard/tests/url/parse_url_basic_007.phpt

index 52f3a92add45f5758c1468f7fb26643c9daf6301..a8cbf2f475747adab77db741caaff447857a409d 100644 (file)
--- a/ext/standard/tests/url/parse_url_basic_007.phpt
+++ b/ext/standard/tests/url/parse_url_basic_007.phpt
@@ -79,6 +79,7 @@ echo "Done";
  --> /foo.php?a=b&c=d   : string(8) "/foo.php"
  --> foo.php?a=b&c=d   : string(7) "foo.php"
  --> http://user:passwd@www.example.com:8080?bar=1&boom=0   : NULL
+--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0   : NULL
  --> file:///path/to/file   : string(13) "/path/to/file"
  --> file://path/to/file   : string(8) "/to/file"
  --> file:/path/to/file   : string(13) "/path/to/file"
diff --git a/ext/standard/tests/url/parse_url_basic_008.phpt b/ext/standard/tests/url/parse_url_basic_008.phpt

index 874c90107610df2a9a6869382ce3a368b2b4cc20..21ead3b72c8a531da6d3f71399833442382e1913 100644 (file)
--- a/ext/standard/tests/url/parse_url_basic_008.phpt
+++ b/ext/standard/tests/url/parse_url_basic_008.phpt
@@ -79,6 +79,7 @@ echo "Done";
  --> /foo.php?a=b&c=d   : string(7) "a=b&c=d"
  --> foo.php?a=b&c=d   : string(7) "a=b&c=d"
  --> http://user:passwd@www.example.com:8080?bar=1&boom=0   : string(12) "bar=1&boom=0"
+--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0   : string(12) "bar=1&boom=0"
  --> file:///path/to/file   : NULL
  --> file://path/to/file   : NULL
  --> file:/path/to/file   : NULL
diff --git a/ext/standard/tests/url/parse_url_basic_009.phpt b/ext/standard/tests/url/parse_url_basic_009.phpt

index ea0b257751ccea22778fed24a6cc55c6a815fde5..29e8312d1ba0bbd55e48af1879986ce35a22af76 100644 (file)
--- a/ext/standard/tests/url/parse_url_basic_009.phpt
+++ b/ext/standard/tests/url/parse_url_basic_009.phpt
@@ -79,6 +79,7 @@ echo "Done";
  --> /foo.php?a=b&c=d   : NULL
  --> foo.php?a=b&c=d   : NULL
  --> http://user:passwd@www.example.com:8080?bar=1&boom=0   : NULL
+--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0   : NULL
  --> file:///path/to/file   : NULL
  --> file://path/to/file   : NULL
  --> file:/path/to/file   : NULL
diff --git a/ext/standard/tests/url/urls.inc b/ext/standard/tests/url/urls.inc

index 6228bd8b7dafeed3a53395d9be34b192b17780d6..c99424425689aa315b27abd9ba1f7918c5255e35 100644 (file)
--- a/ext/standard/tests/url/urls.inc
+++ b/ext/standard/tests/url/urls.inc
@@ -59,6 +59,7 @@ $urls = array(
  '/foo.php?a=b&c=d',
  'foo.php?a=b&c=d',
  'http://user:passwd@www.example.com:8080?bar=1&boom=0',
+'http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0',
  'file:///path/to/file',
  'file://path/to/file',
  'file:/path/to/file',
diff --git a/ext/standard/url.c b/ext/standard/url.c

index d69c11f1c11038025a8725aea9afb1aa9c19f129..a33ff9ae82cbc3e1ca20c50ab64041b89854f179 100644 (file)
--- a/ext/standard/url.c
+++ b/ext/standard/url.c
@@ -245,7 +245,9 @@ PHPAPI php_url *php_url_parse_ex(char const *str, size_t length)
                 /* check for invalid chars inside login/pass */
                 pp = s;
                 while (pp < p) {
-                       if (!isalnum(*pp) && *pp != ':' && *pp != ';' && *pp != '=' && !(*pp >= '!' && *pp <= ',')) {
+                       /* http://www.rfc-editor.org/rfc/rfc3986.txt §3.2.1 */
+                       const char search_rfc3986[] = ":;=!$%_-.~&'()*+,";
+                       if (!isalnum(*pp) && !strchr(search_rfc3986, *pp)) {
                                 if (ret->scheme) {
                                         efree(ret->scheme);
                                 }
author	Julien Pauli <jpauli@php.net>
	Tue, 21 Jun 2016 10:45:49 +0000 (12:45 +0200)
committer	Julien Pauli <jpauli@php.net>
	Wed, 22 Jun 2016 12:05:25 +0000 (14:05 +0200)
ext/standard/tests/url/parse_url_basic_001.phpt		patch \| blob \| history
ext/standard/tests/url/parse_url_basic_002.phpt		patch \| blob \| history
ext/standard/tests/url/parse_url_basic_003.phpt		patch \| blob \| history
ext/standard/tests/url/parse_url_basic_004.phpt		patch \| blob \| history
ext/standard/tests/url/parse_url_basic_005.phpt		patch \| blob \| history
ext/standard/tests/url/parse_url_basic_006.phpt		patch \| blob \| history
ext/standard/tests/url/parse_url_basic_007.phpt		patch \| blob \| history
ext/standard/tests/url/parse_url_basic_008.phpt		patch \| blob \| history
ext/standard/tests/url/parse_url_basic_009.phpt		patch \| blob \| history
ext/standard/tests/url/urls.inc		patch \| blob \| history
ext/standard/url.c		patch \| blob \| history