PHP :: Bug #69715 :: Parser silently accepts invalid text

Bug #69715	Parser silently accepts invalid text
Submitted:	2015-05-27 21:34 UTC	Modified:	2015-05-27 21:52 UTC
From:	hhurford at llamazone dot com	Assigned:
Status:	Not a bug	Package:	Unknown/Other Function
PHP Version:	Irrelevant	OS:	FreeBSD
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	hhurford at llamazone dot com
New email:
PHP Version:		OS:

New Comment:

[2015-05-27 21:34 UTC] hhurford at llamazone dot com

Description:
------------
Place a url in a section of PHP code.
PHP accepts it
PHP gives neither an error nor a 500 response.

I intended to comment out the URL, but forgot.
PHP should have complained, but did not.

Test script:
---------------
<?php
ini_set('display_errors','On');
// On the next line, any URL can be used.
http://encosia.com/5-steps-toward-jquery-mastery/
?>

Expected result:
----------------
I expect a 500 fault.
The URL contains "//", which comments out most of the URL.
What is left is "http:" .
The parser is accepting "http:" without balking.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2015-05-27 21:52 UTC] requinix@php.net

-Status: Open +Status: Not a bug

[2015-05-27 21:52 UTC] requinix@php.net

"http:" is valid. It's a label. http://php.net/goto

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Thu Jul 03 12:01:33 2025 UTC