Incorrect fragment handling
whurley - April 8, 2009 - 18:34
| Project: | Link |
| Version: | 5.x-2.5 |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | jcfiala |
| Status: | active |
Jump to:
Description
RFC2396 (http://www.ietf.org/rfc/rfc2396.txt C.2) does not restrict the characters after the # symbol in URIs. The regex used to validate in the module restricts it with the following: (#[a-z0-9_\-\.~+%=&,$'():;*@\[\]]*) (line 865). There are live examples of sites using forward slashes after the # symbol, e.g. http://www.cnn.com/video/#/video/politics/2008/12/09/intv.madeleine.albr.... This fails the current validation in the module. At the very least the forward slash should be added to the allowed characters. Attached is a patch that makes this change.
| Attachment | Size |
|---|---|
| link.fragment.20090408.patch | 569 bytes |
#1
Related to #323879: Facebook profile - not valid URL
#2
Just raising this issue in the list so I'm reminded of it later.