Ticket #592 (closed defect: worksforme)
Escapement problems in Clearbricks
| Reported by: | jcdubacq | Owned by: | xave |
|---|---|---|---|
| Priority: | normal | Milestone: | 2.1.6 |
| Component: | module:clearbricks | Version: | 2.1 |
| Severity: | normal | Keywords: | clearbricks, escaping |
| Cc: |
Description
When using a link having several % chars in it, such as the code inserted for a flashplayer movie:
<param name="FlashVars" value="title=Gwena%C3%ABl%20actionne%20la%20toupie&margin=1&showvolume=1&showtime=1&showfullscreen=1&buttonovercolor=ff9900&slidercolor1=cccccc&slidercolor2=999999&sliderovercolor=0066cc&flv=http://blog.julietteroussel.fr/public/gwenael/2008/12/p1070239.flv&width=400&height=300" />
the function html::absoluteURLHandler in inc/clearbricks/common/lib.html.php (called e.g. in the generation of the atom/rss feed) does not escape the % chars before doing a sprintf (line 181). Thus, the %20a is understood as a (erroneous) sprintf specifications and generates an error message (too few arguments, IIRC).
The patch is simple enough:
Index: lib.html.php
===================================================================
--- lib.html.php (révision 194)
+++ lib.html.php (copie de travail)
@@ -163,7 +163,7 @@
{
$url = $m[2];
- $link = $m[1].'%s'.$m[3];
+ $link = preg_replace('|%|','%%',$m[1]).'%s'.preg_replace('|%|','%%',$m[3]);
$host = preg_replace('|^([a-z]{3,}://)(.*?)/(.*)$|','$1$2',self::$url_root);
$parse = parse_url($m[2]);
Change History
comment:1 Changed 16 years ago by xave
- Owner changed from olivier to xave
- Status changed from new to assigned
- Component changed from module:core to module:clearbricks
- Milestone changed from 2.2 to 2.1.6
Note: See
TracTickets for help on using
tickets.