mirror/processwire
1
0
Fork 0
mirror of https://github.com/processwire/processwire.git synced 2025-08-13 18:24:57 +02:00
Code Issues Releases Wiki Activity

Fix issue processwire/processwire-issues#1261

Browse Source
This commit is contained in:
Ryan Cramer
2020-10-19 09:24:57 -04:00
parent 3782b6c7ae
commit a5cea5660d
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
wire/core/Sanitizer.php
View File

@@ -1812,7 +1812,7 @@ class Sanitizer extends Wire {
// separate scheme+domain+path from query string temporarily
if(strpos($value, '?') !== false) {
list($domainPath, $queryString) = explode('?', $value);
list($domainPath, $queryString) = explode('?', $value, 2);
if(!$options['allowQuerystring']) $queryString = '';
} else {
$domainPath = $value;
@@ -1835,9 +1835,10 @@ class Sanitizer extends Wire {
// restore characters allowed in domain/path
$domainPath = str_replace(array('%2F', '%3A'), array('/', ':'), $domainPath);
// restore value that is now FILTER_SANITIZE_URL compatible
$value = $domainPath . (strlen($queryString) ? "?$queryString" : "");
$pathIsEncoded = true;
}
$value = $domainPath . (strlen($queryString) ? "?$queryString" : "");
// this filter_var sanitizer just removes invalid characters that don't appear in domains or paths
$value = filter_var($value, FILTER_SANITIZE_URL);