|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2014-08-22 14:32 UTC] ndermine at adequasys dot com
Description: ------------ I use output_add_rewrite_var to add a URL parameter to relative links in my app. When I have a link like this <a href="javascript:..."> it is left untouched which is great. But I had a piece of javascript containing an anchor tag inside a javascript string : "<a href=\"javascript..." (note the escaped double quote that is expected to remain escaped in the HTML page source) That part was modified in a way that broke the javascript : the new param was introduced between the backslash and the double quote : "<a href=\?key=value"javascript..." I can of course write (and have rewritten) my javascript differently, but would it be possible to not insert the parameters in this case? This seems very similar to Bug #19358 "URL Rewriter Blindly Replaces All Links" (closed because of lack of feedback) which was submitted in 2002. Thank you for your work. Test script: --------------- <?php output_add_rewrite_var('a', 'b'); ?> <script type="text/javascript"> var link = "<a href=\"javascript:doSomething('with a parameter')\">link</a>"; </script> Expected result: ---------------- <script type="text/javascript"> var link = "<a href=\"javascript:doSomething('with a parameter')\">link</a>"; </script> Actual result: -------------- <script type="text/javascript"> var link = "<a href=\?a=b"javascript:doSomething('with a parameter')\">link</a>"; </script> PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Tue Apr 15 05:01:29 2025 UTC |
I face a similar problem since I upgraded from PHP 5.4.16 to PHP 5.4.29 (also Zend Server 6.0.1 to Zend Server 7.0.0), on various Windows OS (Win7 and Server 2003, 2008) and also to both IIS and Apache (various versions). Unfortunately I can not supply any code as the application is copyrighted but I will provide you some information and the output results. The concept is that the phpinfo() is called, parsed, minified and returned inside a JSON object. A part of the code is the following: ob_start(); phpinfo(); $phpinfo = trim(str_replace(array("\r","\n","\t"), "", ob_get_contents())); ob_end_clean(); $component->contents = $phpinfo; Then the component is passing through a lot of functions etc leading to the output... Starting from the "normal" or expected output, which is also the "correct" output, returned since many years and several PHP versions (now with the 5.4.16 for example): ... <td><a href=\"http:\/\/www.php.net\/\"><img border=\"0\" ... Instead from the above, I get with PHP5.4.29 the following (exactly with the blank spaces etc): ... <td><a href=\?ApplId=f29bp4f03fmo1juomiaup7m851" http : \ / \ / www.php.net \ / \ "><img border=\"0\" ... ------------------------------------------------------------------------- I found out that the responsible configuration can be found in php.ini, which is the same in both old and new setups (PHP5.4.16 vs PHP5.4.29) url_rewriter.tags="a=href,area=href,frame=src,input=src,form=fakeentry" when I replace/deactivate the url_rewriter with the following: url_rewriter.tags="" I get the correct result, as it used to be output in PHP 5.4.16. I hope my comment provides some helpful extra information. Best Regards, StevenAlways the problème in 2020 !!! If js code in HTML like that : some text <script> var m = $("<a href=\"\/my\/url\">label</a>") ; </script> it is transformed in : some text <script> var m = $("<a href=\?a=b"\/my\/url\">label</a>") ; </script>