Bug #27158 SID put in the wrong place in anchors containing only HTML entities
Submitted: 2004-02-05 10:02 UTC Modified: 2004-02-05 23:19 UTC
Votes:3
Avg. Score:5.0 ± 0.0
Reproduced:3 of 3 (100.0%)
Same Version:1 (33.3%)
Same OS:0 (0.0%)
From: davey@php.net Assigned:
Status: Wont fix Package: Session related
PHP Version: 4.3.4 OS: WinXP SP1 and FreeBSD 4.9
Private report: No CVE-ID: None
 [2004-02-05 10:02 UTC] davey@php.net
Description:
------------
If you have an anchor, whose href is comprised ONLY of HTML entities - a common spam bot deterrent now - the SID is placed after the & from the first entity, breaking the URI.

Also, if the entities are decoded to "mailto:" links, the SID should not be appended at all...

Is it possible to decode before trying to add the SID and then re-HTMLentities?

Reproduce code:
---------------
<?php
session_start();
?>

// Link to mailto:davey@php.net
<a href="&#109;&#97;&#105;&#108;&#116;&#111;&#58;&#100;&#97;&#118;&#101;&#121;&#64;&#112;&#104;&#112;&#46;&#110;&#101;&#116;">&#100;&#97;&#118;&#101;&#121;&#64;&#112;&#104;&#112;&#46;&#110;&#101;&#116;</a>

// Link to http://php.net
<a href="&#104;&#116;&#116;&#112;&#58;&#47;&#47;&#112;&#104;&#112;&#46;&#110;&#101;&#116;">php.net</a>


Expected result:
----------------
<a href="&#109;&#97;&#105;&#108;&#116;&#111;&#58;&#100;&#97;&#118;&#101;&#121;&#64;&#112;&#104;&#112;&#46;&#110;&#101;&#116;">&#100;&#97;&#118;&#101;&#121;&#64;&#112;&#104;&#112;&#46;&#110;&#101;&#116;</a>

<a href="&#104;&#116;&#116;&#112;&#58;&#47;&#47;&#112;&#104;&#112;&#46;&#110;&#101;&#116;?PHPSESSID=SID">php.net</a>

Actual result:
--------------
<a href="&?PHPSESSID=d4030b2d6c97a1425c49071bf8b2ab5a#109;&#97;&#105;&#108;&#116;&#111;&#58;&#100;&#97;&#118;&#101;&#121;&#64;&#112;&#104;&#112;&#46;&#110;&#101;&#116;">&#100;&#97;&#118;&#101;&#121;&#64;&#112;&#104;&#112;&#46;&#110;&#101;&#116;</a>

<a href="&?PHPSESSID=d4030b2d6c97a1425c49071bf8b2ab5a#104;&#116;&#116;&#112;&#58;&#47;&#47;&#112;&#104;&#112;&#46;&#110;&#101;&#116;">php.net</a>

 [2004-02-05 23:19 UTC] iliaa@php.net
There is too much room for error with that approach. 
Supporting this syntax properly would be too slow. 
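
The decode-first approach the report asks about, as an added PHP example that is not part of the original report, the reply, or PHP's own URL rewriter. `add_sid_to_href()` and its `$ownHost` parameter are hypothetical; the same-host check is an assumption added so the session ID is never sent to another site, and the code assumes PHP 7 or later.

```php
<?php
// Added illustration. add_sid_to_href() is a hypothetical helper, not part of
// PHP and not the code behind session.use_trans_sid.
function add_sid_to_href(string $href, string $name, string $sid, string $ownHost): string
{
    // Decode entities first so the real scheme, host and fragment are visible.
    $uri = html_entity_decode($href, ENT_QUOTES | ENT_HTML5, 'UTF-8');

    $parts = parse_url($uri);
    if ($parts === false) {
        return $href;                        // unparseable: leave untouched
    }
    $scheme = strtolower($parts['scheme'] ?? '');
    if ($scheme !== '' && $scheme !== 'http' && $scheme !== 'https') {
        return $href;                        // mailto: and other schemes get no SID
    }
    if (isset($parts['host']) && strcasecmp($parts['host'], $ownHost) !== 0) {
        return $href;                        // do not disclose the SID to another host
    }

    // Insert the SID before the real fragment, not before the '#' of an entity.
    $fragment = '';
    $hash = strpos($uri, '#');
    if ($hash !== false) {
        $fragment = substr($uri, $hash);
        $uri = substr($uri, 0, $hash);
    }
    $uri .= (strpos($uri, '?') === false ? '?' : '&')
          . rawurlencode($name) . '=' . rawurlencode($sid);

    // Re-encode for the HTML attribute context.
    return htmlspecialchars($uri . $fragment, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed inputs: the two hrefs from the report and a placeholder session ID.
$mailto = '&#109;&#97;&#105;&#108;&#116;&#111;&#58;&#100;&#97;&#118;&#101;&#121;'
        . '&#64;&#112;&#104;&#112;&#46;&#110;&#101;&#116;';
$http   = '&#104;&#116;&#116;&#112;&#58;&#47;&#47;&#112;&#104;&#112;&#46;&#110;&#101;&#116;';

foreach ([$mailto, $http, 'page.php?x=1#top'] as $href) {
    echo add_sid_to_href($href, 'PHPSESSID', 'SID', 'php.net'), "\n";
}
```

The mailto link is returned byte for byte, so its entity obfuscation survives; a rewritten link is re-encoded with `htmlspecialchars()` and loses the all-numeric form.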
 