From b179ab650a129bdd3533b1b225a1e7d5c8f8756c Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Mon, 2 Nov 2009 10:38:01 -0500 Subject: [PATCH 1/3] do not allow [ and ] - they are not legal URL characters --- lib/util.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/util.php b/lib/util.php index d159c583ec..caffcd8076 100644 --- a/lib/util.php +++ b/lib/util.php @@ -452,9 +452,9 @@ function common_replace_urls_callback($text, $callback, $notice_id = null) { ')'. '(?:'. '(?:\:\d+)?'. //:port - '(?:/[\pN\pL$\[\]\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'\"@]*)?'. // /path - '(?:\?[\pN\pL\$\[\]\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'\"@\/]*)?'. // ?query string - '(?:\#[\pN\pL$\[\]\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'\"\@/\?\#]*)?'. // #fragment + '(?:/[\pN\pL$\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'\"@]*)?'. // /path + '(?:\?[\pN\pL\$\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'\"@\/]*)?'. // ?query string + '(?:\#[\pN\pL$\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'\"\@/\?\#]*)?'. // #fragment ')(? Date: Mon, 2 Nov 2009 10:38:58 -0500 Subject: [PATCH 2/3] do not allow " in URLs - they are not legal URL characters --- lib/util.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/util.php b/lib/util.php index caffcd8076..31a78a876a 100644 --- a/lib/util.php +++ b/lib/util.php @@ -452,9 +452,9 @@ function common_replace_urls_callback($text, $callback, $notice_id = null) { ')'. '(?:'. '(?:\:\d+)?'. //:port - '(?:/[\pN\pL$\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'\"@]*)?'. // /path - '(?:\?[\pN\pL\$\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'\"@\/]*)?'. // ?query string - '(?:\#[\pN\pL$\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'\"\@/\?\#]*)?'. // #fragment + '(?:/[\pN\pL$\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'@]*)?'. // /path + '(?:\?[\pN\pL\$\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'@\/]*)?'. // ?query string + '(?:\#[\pN\pL$\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'\@/\?\#]*)?'. // #fragment ')(? Date: Mon, 2 Nov 2009 12:52:46 -0500 Subject: [PATCH 3/3] fix the [] unit tests --- tests/URLDetectionTest.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/URLDetectionTest.php b/tests/URLDetectionTest.php index 0cc03ccce7..d83f9faf58 100644 --- a/tests/URLDetectionTest.php +++ b/tests/URLDetectionTest.php @@ -185,12 +185,12 @@ class URLDetectionTest extends PHPUnit_Framework_TestCase array('http://example.com/path/(foo)/bar', 'http://example.com/path/(foo)/bar'), array('http://example.com/path/[foo]/bar', - 'http://example.com/path/[foo]/bar'), + 'http://example.com/path/[foo]/bar'), array('http://example.com/path/foo/(bar)', 'http://example.com/path/foo/(bar)'), //Not a valid url - urls cannot contain unencoded square brackets array('http://example.com/path/foo/[bar]', - 'http://example.com/path/foo/[bar]'), + 'http://example.com/path/foo/[bar]'), array('Hey, check out my cool site http://example.com okay?', 'Hey, check out my cool site http://example.com okay?'), array('What about parens (e.g. http://example.com/path/foo/(bar))?',