From: Julien Pauli Date: Tue, 21 Jun 2016 10:45:49 +0000 (+0200) Subject: Fixed parse_url() for better compliance with RFC3986 X-Git-Tag: php-7.1.0alpha3~105^2~2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e2add3ed871886d1b2c7aeb4afb80ae1401e11b9;p=php Fixed parse_url() for better compliance with RFC3986 --- diff --git a/ext/standard/tests/url/parse_url_basic_001.phpt b/ext/standard/tests/url/parse_url_basic_001.phpt index e482566b88..2d41ba9c45 100644 --- a/ext/standard/tests/url/parse_url_basic_001.phpt +++ b/ext/standard/tests/url/parse_url_basic_001.phpt @@ -608,6 +608,21 @@ echo "Done"; string(12) "bar=1&boom=0" } +--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0: array(6) { + ["scheme"]=> + string(4) "http" + ["host"]=> + string(15) "www.example.com" + ["port"]=> + int(8080) + ["user"]=> + string(11) "user_me-you" + ["pass"]=> + string(11) "my_pas-word" + ["query"]=> + string(12) "bar=1&boom=0" +} + --> file:///path/to/file: array(2) { ["scheme"]=> string(4) "file" diff --git a/ext/standard/tests/url/parse_url_basic_002.phpt b/ext/standard/tests/url/parse_url_basic_002.phpt index b68a82f4a9..476b897168 100644 --- a/ext/standard/tests/url/parse_url_basic_002.phpt +++ b/ext/standard/tests/url/parse_url_basic_002.phpt @@ -80,6 +80,7 @@ echo "Done"; --> /foo.php?a=b&c=d : NULL --> foo.php?a=b&c=d : NULL --> http://user:passwd@www.example.com:8080?bar=1&boom=0 : string(4) "http" +--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0 : string(4) "http" --> file:///path/to/file : string(4) "file" --> file://path/to/file : string(4) "file" --> file:/path/to/file : string(4) "file" diff --git a/ext/standard/tests/url/parse_url_basic_003.phpt b/ext/standard/tests/url/parse_url_basic_003.phpt index 19ee322feb..c7f3d99441 100644 --- a/ext/standard/tests/url/parse_url_basic_003.phpt +++ b/ext/standard/tests/url/parse_url_basic_003.phpt @@ -79,6 +79,7 @@ echo "Done"; --> /foo.php?a=b&c=d : NULL --> foo.php?a=b&c=d : NULL --> http://user:passwd@www.example.com:8080?bar=1&boom=0 : string(15) "www.example.com" +--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0 : string(15) "www.example.com" --> file:///path/to/file : NULL --> file://path/to/file : string(4) "path" --> file:/path/to/file : NULL diff --git a/ext/standard/tests/url/parse_url_basic_004.phpt b/ext/standard/tests/url/parse_url_basic_004.phpt index e26b3976fc..3cfb345f94 100644 --- a/ext/standard/tests/url/parse_url_basic_004.phpt +++ b/ext/standard/tests/url/parse_url_basic_004.phpt @@ -79,6 +79,7 @@ echo "Done"; --> /foo.php?a=b&c=d : NULL --> foo.php?a=b&c=d : NULL --> http://user:passwd@www.example.com:8080?bar=1&boom=0 : int(8080) +--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0 : int(8080) --> file:///path/to/file : NULL --> file://path/to/file : NULL --> file:/path/to/file : NULL diff --git a/ext/standard/tests/url/parse_url_basic_005.phpt b/ext/standard/tests/url/parse_url_basic_005.phpt index df2095a949..602bd60c0a 100644 --- a/ext/standard/tests/url/parse_url_basic_005.phpt +++ b/ext/standard/tests/url/parse_url_basic_005.phpt @@ -79,6 +79,7 @@ echo "Done"; --> /foo.php?a=b&c=d : NULL --> foo.php?a=b&c=d : NULL --> http://user:passwd@www.example.com:8080?bar=1&boom=0 : string(4) "user" +--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0 : string(11) "user_me-you" --> file:///path/to/file : NULL --> file://path/to/file : NULL --> file:/path/to/file : NULL diff --git a/ext/standard/tests/url/parse_url_basic_006.phpt b/ext/standard/tests/url/parse_url_basic_006.phpt index 4c79e8dcb2..69b7914258 100644 --- a/ext/standard/tests/url/parse_url_basic_006.phpt +++ b/ext/standard/tests/url/parse_url_basic_006.phpt @@ -79,6 +79,7 @@ echo "Done"; --> /foo.php?a=b&c=d : NULL --> foo.php?a=b&c=d : NULL --> http://user:passwd@www.example.com:8080?bar=1&boom=0 : string(6) "passwd" +--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0 : string(11) "my_pas-word" --> file:///path/to/file : NULL --> file://path/to/file : NULL --> file:/path/to/file : NULL diff --git a/ext/standard/tests/url/parse_url_basic_007.phpt b/ext/standard/tests/url/parse_url_basic_007.phpt index 52f3a92add..a8cbf2f475 100644 --- a/ext/standard/tests/url/parse_url_basic_007.phpt +++ b/ext/standard/tests/url/parse_url_basic_007.phpt @@ -79,6 +79,7 @@ echo "Done"; --> /foo.php?a=b&c=d : string(8) "/foo.php" --> foo.php?a=b&c=d : string(7) "foo.php" --> http://user:passwd@www.example.com:8080?bar=1&boom=0 : NULL +--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0 : NULL --> file:///path/to/file : string(13) "/path/to/file" --> file://path/to/file : string(8) "/to/file" --> file:/path/to/file : string(13) "/path/to/file" diff --git a/ext/standard/tests/url/parse_url_basic_008.phpt b/ext/standard/tests/url/parse_url_basic_008.phpt index 874c901076..21ead3b72c 100644 --- a/ext/standard/tests/url/parse_url_basic_008.phpt +++ b/ext/standard/tests/url/parse_url_basic_008.phpt @@ -79,6 +79,7 @@ echo "Done"; --> /foo.php?a=b&c=d : string(7) "a=b&c=d" --> foo.php?a=b&c=d : string(7) "a=b&c=d" --> http://user:passwd@www.example.com:8080?bar=1&boom=0 : string(12) "bar=1&boom=0" +--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0 : string(12) "bar=1&boom=0" --> file:///path/to/file : NULL --> file://path/to/file : NULL --> file:/path/to/file : NULL diff --git a/ext/standard/tests/url/parse_url_basic_009.phpt b/ext/standard/tests/url/parse_url_basic_009.phpt index ea0b257751..29e8312d1b 100644 --- a/ext/standard/tests/url/parse_url_basic_009.phpt +++ b/ext/standard/tests/url/parse_url_basic_009.phpt @@ -79,6 +79,7 @@ echo "Done"; --> /foo.php?a=b&c=d : NULL --> foo.php?a=b&c=d : NULL --> http://user:passwd@www.example.com:8080?bar=1&boom=0 : NULL +--> http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0 : NULL --> file:///path/to/file : NULL --> file://path/to/file : NULL --> file:/path/to/file : NULL diff --git a/ext/standard/tests/url/urls.inc b/ext/standard/tests/url/urls.inc index 6228bd8b7d..c994244256 100644 --- a/ext/standard/tests/url/urls.inc +++ b/ext/standard/tests/url/urls.inc @@ -59,6 +59,7 @@ $urls = array( '/foo.php?a=b&c=d', 'foo.php?a=b&c=d', 'http://user:passwd@www.example.com:8080?bar=1&boom=0', +'http://user_me-you:my_pas-word@www.example.com:8080?bar=1&boom=0', 'file:///path/to/file', 'file://path/to/file', 'file:/path/to/file', diff --git a/ext/standard/url.c b/ext/standard/url.c index d69c11f1c1..a33ff9ae82 100644 --- a/ext/standard/url.c +++ b/ext/standard/url.c @@ -245,7 +245,9 @@ PHPAPI php_url *php_url_parse_ex(char const *str, size_t length) /* check for invalid chars inside login/pass */ pp = s; while (pp < p) { - if (!isalnum(*pp) && *pp != ':' && *pp != ';' && *pp != '=' && !(*pp >= '!' && *pp <= ',')) { + /* http://www.rfc-editor.org/rfc/rfc3986.txt §3.2.1 */ + const char search_rfc3986[] = ":;=!$%_-.~&'()*+,"; + if (!isalnum(*pp) && !strchr(search_rfc3986, *pp)) { if (ret->scheme) { efree(ret->scheme); }