|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Doc Bug #60797 parse_url fragments on #[0-9]+;
Submitted: 2012-01-19 00:30 UTC Modified: 2012-01-25 00:03 UTC
From: buccinator at gmail dot com Assigned:
Status: Wont fix Package: URL related
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2012-01-19 00:30 UTC] buccinator at gmail dot com
note: parse_url() will fragment with #[0-9]+; type encodings within the query

Expected result:
that the filter be less greedy, or the function include this behaviour in the documentation


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2012-01-21 22:11 UTC]
-Status: Open +Status: Feedback
 [2012-01-21 22:11 UTC]
Could you please provide a test script showing the behaviour you're describing. 
Based on what you've written, I do not know what needs to be documented.
 [2012-01-24 23:11 UTC] buccinator at gmail dot com
$url = 

echo '<xmp>';
echo '</xmp>';

actual output:
array(4) {
  string(4) "http"
  string(11) ""
  string(21) "/key1=val1&key2=vals&"
  string(31) "39;2s&key3=vals&apos;3#fragment"

expected output (unless documented):
array(4) {
  string(4) "http"
  string(11) ""
  string(21) "/key1=val1&key2=vals&#39;2s&key3=vals&apos;3"
  string(31) "fragment"
 [2012-01-24 23:11 UTC] buccinator at gmail dot com
-Status: Feedback +Status: Open
 [2012-01-24 23:22 UTC]
Hash characters are not valid within a URL, except to delimit a fragment. RFC 
1738 ( explicitly indicates under "2.2. URL 
Character Encoding Issues" that the hash character *must* be encoded for the URL 
to be valid.

The parse_url() reference indicates in several places that malformed URLs will 
likely incur issues. As such, I don't feel it's warranted to document each way a 
URL can be malformed.
 [2012-01-24 23:22 UTC]
-Status: Open +Status: Wont fix
 [2012-01-25 00:03 UTC] buccinator at gmail dot com
fair enough.

imho, as parse_url actually splits on fragment (which i would assume isnt 
actually sent in the HTTP request of a URL), i expected parse_url() to work on 
URLs found in the wild (ie. URLs intended for a browsers address bar, xHTML 
display) eg. a URL captured from a page anchor href tag.

but again, i wouldnt have realised that a URL encoded with a HTML entity 
(regardless of proper context) would be considered malformed.
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Thu Oct 28 21:03:36 2021 UTC