error in user-inputted content leads to unwanted links highly promoted

mean0dspt - November 24, 2008 - 19:00
Project: Archive
Version: 5.x-1.11
Component: Settings
Category: bug report
Priority: critical
Assigned: Unassigned
Status: active
Description

error in user-inputted content: accidental failure to prefix
things with http://.

Consider that, if one were on:

http://mysite.com/archive/story

(which is currently an index of recent items in the archives),
and there was something that contained this hand-written link:

Visit this site!

then the search engine would gladly attempt:

http://mysite.com/archive/story/susvet.info

"susvet.info" isn't a year (which gets validated in
_archive_validate_year()), so it appears as if the date filter for the
callback gets ignored entirely (_archive_date()). Thus, archive.module
will return the same index it returned under the first URL, which the
search engine will gladly slurp up, following pager links as normal.

(credits for explanations go to Khalid M. Baheyeldin)

As a result, all search engine results are polluted with the susvet.info site address in h2.

This is happening right now on my live site : ( , please patch this asap
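
The failure described in this report is a page callback that ignores a path argument it cannot validate and serves the index anyway. The sketch below is an added example, not part of the original report and not archive.module code: it shows a strict alternative that answers 404 for any unrecognised argument. The function name, the argument layout (optional type, then year, month, day) and the type list are assumptions.

```php
<?php
// Added example, not archive.module code. The function name, the argument
// layout and the list of known types are assumptions made for illustration.

/**
 * Decide the HTTP status for the path arguments that follow "archive/".
 * Returns 200 only when every argument present is valid, otherwise 404.
 */
function example_archive_status(array $args, array $known_types) {
  // Optional leading content-type filter such as "story".
  if ($args && in_array($args[0], $known_types, TRUE)) {
    array_shift($args);
  }
  // Anything beyond year/month/day is an unknown path.
  if (count($args) > 3) {
    return 404;
  }
  // Every date part must be purely numeric, so "susvet.info" is rejected
  // here instead of being dropped silently.
  foreach ($args as $part) {
    if (!ctype_digit((string) $part)) {
      return 404;
    }
  }
  // Missing month or day default to 1 so checkdate() tests what was given.
  list($year, $month, $day) = array_map('intval', array_pad($args, 3, 1));
  if ($args && !checkdate($month, $day, $year)) {
    return 404;
  }
  return 200;
}

// Constructed sample paths, including the one from this report.
$paths = array(
  'archive/story',
  'archive/story/2008/11/24',
  'archive/story/susvet.info',
  'archive/story/2008/02/30',
);
foreach ($paths as $path) {
  $args = array_slice(explode('/', $path), 1);
  printf("%-28s %d\n", $path, example_archive_status($args, array('story', 'page')));
}
```

With a 404 on the invalid argument, a crawler that follows the malformed relative link gets no index page to store and no pager links to follow.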
