PHP :: Bug #49197 :: FILTER_VALIDATE_URL does not validate urls

Bug #49197	FILTER_VALIDATE_URL does not validate urls
Submitted:	2009-08-08 14:32 UTC	Modified:	2009-08-09 17:21 UTC
From:	matt dot farina at gmail dot com	Assigned:
Status:	Not a bug	Package:	Filter related
PHP Version:	5.2.10	OS:
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	matt dot farina at gmail dot com
New email:
PHP Version:		OS:

New Comment:

[2009-08-08 14:32 UTC] matt dot farina at gmail dot com

Description:
------------
FILTER_VALIDATE_URL doesn't actually validate a url. It passes the url 
through parse_url (which according to the documentation is not meant to 
validate a url). When tested against a test set this can be seen.

Instead of this method PHP should use a regex or some other method to 
actually validate it. See http://api.drupal.org/api/function/valid_url/6 
for an example that is to RFC 3986.

I would hope for PHP 6 we can have it look for a valid IRL (with 
international characters) as well.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2009-08-09 12:56 UTC] iliaa@php.net

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

.

[2009-08-09 17:21 UTC] matt dot farina at gmail dot com

The documentation at 
http://www.php.net/manual/en/filter.filters.validate.php states that it 
"Validates value as URL, optionally with required components." It does 
not validate it to be a url. I setup a simple test and it validated 
invalid urls.

I may not have reported it properly through your process and it may not 
be the best solution but this is a bug. Either a documentation bug or a 
functionality bug. This is not proper validation!

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 22:01:28 2024 UTC