php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #54629 FILTER_VALIDATE_URL rejects IPv6 URLs http://[::1]/
Submitted: 2011-04-29 02:17 UTC Modified: 2020-03-01 23:02 UTC
Votes:9
Avg. Score:4.3 ± 0.8
Reproduced:7 of 8 (87.5%)
Same Version:3 (42.9%)
Same OS:4 (57.1%)
From: xmilky+php at gmail dot com Assigned: cmb (profile)
Status: Duplicate Package: URL related
PHP Version: 5.3.6 OS: amd64 GNU/Linux 2.6.35
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: xmilky+php at gmail dot com
New email:
PHP Version: OS:

 

 [2011-04-29 02:17 UTC] xmilky+php at gmail dot com 
Description:
------------
I just came to wonder why the filter extension rejects my IPv6 URLs. For example this returns `false` even though it's a valid HTTP url:

    filter_var("http://[::1]:2000/push/thingy", FILTER_VALIDATE_URL);


I'm somewhat certain that FILTER_VALIDATE_URL actually used [`parse_url`](http://php.net/parse_url) behind the scenes to probe for URL correctness. But parse_url itself works perfectly fine on such addresses:

    Array(
        [scheme] => http
        [host] => [::1]
        [port] => 2000
        [path] => /push/thingy

So there is some limitation in the filter_var wrapper for _VALIDATE_URL.

---

Note that this is a distinct issue to http://bugs.php.net/bug.php?id=48762&edit=2 which was about FILTER_VALIDATE_IP addresses only.


Test script:
---------------
<?php

var_dump(filter_var("http://[::1]/path?qs", FILTER_VALIDATE_URL));

?>

Expected result:
----------------
string(20) "http://[::1]/path?qs"

Actual result:
--------------
bool(false)

Patches

trunk (last revision 2011-05-07 19:26 UTC by dtajchreber@php.net)
5_3 (last revision 2011-05-07 19:26 UTC by dtajchreber@php.net)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-04-29 04:13 UTC] dtajchreber@php.net
-Type: Bug +Type: Feature/Change Request
 [2011-04-29 04:13 UTC] dtajchreber@php.net 
"Validates value as URL (according to ยป http://www.faqs.org/rfcs/rfc2396), optionally with required components. Note that the function will only find ASCII URLs to be 
valid; internationalized domain names (containing non-ASCII characters) will fail."

RFC 2396 doesn't support IPv6 addresses... would need to implement RFC 2732 checks... flipping to feature request. 

[1] http://www.php.net/manual/en/filter.filters.validate.php
[2] http://www.faqs.org/rfcs/rfc2396.html
[3] http://en.wikipedia.org/wiki/Uniform_Resource_Identifier#Refinement_of_specifications
[4] http://tools.ietf.org/html/rfc2732
 [2011-05-07 21:26 UTC] dtajchreber@php.net 
The following patch has been added/updated:

Patch Name: 5_3
Revision:   1304796392
URL:        http://bugs.php.net/patch-display.php?bug=54629&patch=5_3&revision=1304796392
 [2011-05-07 21:26 UTC] dtajchreber@php.net 
The following patch has been added/updated:

Patch Name: trunk
Revision:   1304796415
URL:        http://bugs.php.net/patch-display.php?bug=54629&patch=trunk&revision=1304796415
 [2016-01-30 20:48 UTC] narf at devilix dot net 
This has been resolved via https://bugs.php.net/bug.php?id=68039

But only for PHP 7
 [2020-03-01 23:02 UTC] cmb@php.net
-Status: Open +Status: Duplicate -Assigned To: +Assigned To: cmb
 [2020-03-01 23:02 UTC] cmb@php.net 
Closing as duplicate of feature request #68039.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sun Jan 05 08:01:28 2025 UTC