Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Url::ensureScheme does not work in some cases #17191

Closed
SamMousa opened this issue Mar 6, 2019 · 5 comments
Closed

Url::ensureScheme does not work in some cases #17191

SamMousa opened this issue Mar 6, 2019 · 5 comments
Assignees
@SamMousa
Labels
type:bug Bug
Milestone
2.0.50

Comments

@SamMousa
Copy link
Contributor

SamMousa commented Mar 6, 2019

What steps will reproduce the problem?

Url::ensureScheme('google.nl/test?param=https://someother.url/', 'https');

What is the expected result?

https://google.nl/test?param=https://someother.url/

What do you get instead?

google.nl/test?param=https://someother.url/

Additional info

This happens because this check is done:

if (($pos = strpos($url, '://')) !== false) {
            if ($scheme === '') {
                $url = substr($url, $pos + 1);
            } else {
                $url = $scheme . substr($url, $pos);
            }
        }

We should use parse_url to get the correct parts instead of using strpos.
If parse_url is not available then we could at least split the string by ? to ensure we ignore the query part.
@rob006
Copy link
Contributor

rob006 commented Mar 6, 2019

google.nl/test?param=https://someother.url/ is relative URL, so ensureScheme() should return it as is, without any change. But I agree that there is a bug in isRelative() - it looks like it treats blablatest?param=https://someother.url/ as absolute URL.

@samdark samdark added type:bug Bug status:to be verified Needs to be reproduced and validated. labels Mar 6, 2019
@SamMousa
Copy link
Contributor Author

SamMousa commented Mar 6, 2019

Interesting, because even though isRelative is wrong, the same error is made in ensureScheme(), which in that case actually negates the erroneous behavior.

public static function ensureScheme($url, $scheme)
    {
        if (static::isRelative($url) || !is_string($scheme)) {
            return $url;
        }

        if (substr($url, 0, 2) === '//') {
            // e.g. //example.com/path/to/resource
            return $scheme === '' ? $url : "$scheme:$url";
        }

        if (($pos = strpos($url, '://')) !== false) {
            if ($scheme === '') {
                $url = substr($url, $pos + 1);
            } else {
                $url = $scheme . substr($url, $pos);
            }
        }

        return $url;
    }

@SamMousa
Copy link
Contributor Author

SamMousa commented Mar 6, 2019
edited
Loading

It seems this approach is used more often, so my bug report was bad but there is an actual issue :-/

public function createAbsoluteUrl($params, $scheme = null)
    {
        $params = (array) $params;
        $url = $this->createUrl($params);
        if (strpos($url, '://') === false) {
            $hostInfo = $this->getHostInfo();
            if (strncmp($url, '//', 2) === 0) {
                $url = substr($hostInfo, 0, strpos($hostInfo, '://')) . ':' . $url;
            } else {
                $url = $hostInfo . $url;
            }
        }

        return Url::ensureScheme($url, $scheme);
    }

Basically strpos is not something to use on URLs.

@rob006
Copy link
Contributor

rob006 commented Mar 6, 2019

ensureScheme() implementation will be correct if we fix isRelative(). createAbsoluteUrl() should probably also rely on isRelative() to make this behavior more consistent.

@SamMousa
Copy link
Contributor Author

SamMousa commented Mar 6, 2019

Yeah working on it

@samdark samdark added status:under development Someone is working on a pull request. and removed status:to be verified Needs to be reproduced and validated. labels Mar 6, 2019
SamMousa added a commit to SamMousa/yii2 that referenced this issue Mar 6, 2019
@SamMousa
Fixed yiisoft#17191
8d673ea
@SamMousa SamMousa mentioned this issue Mar 6, 2019
Closed
@samdark samdark added status:code review The pull request needs review. and removed status:under development Someone is working on a pull request. labels Mar 8, 2019
@samdark samdark removed the status:code review The pull request needs review. label Aug 27, 2019
ggh2e3 added a commit to ggh2e3/yii2 that referenced this issue Dec 3, 2023
@ggh2e3
yiisoft#17191: improved ensureScheme tests readability
d45c1cc
ggh2e3 added a commit to ggh2e3/yii2 that referenced this issue Dec 3, 2023
@ggh2e3
yiisoft#17191: improved ensureScheme tests readability
005a9c7
ggh2e3 added a commit to ggh2e3/yii2 that referenced this issue Dec 3, 2023
@ggh2e3
yiisoft#17191: updated changelog
76f1733
@ggh2e3 ggh2e3 mentioned this issue Dec 3, 2023
Merged
@bizley bizley added this to the 2.0.50 milestone Dec 19, 2023
ggh2e3 added a commit to ggh2e3/yii2 that referenced this issue Dec 24, 2023
@ggh2e3
fix yiisoft#17191: improved consistency and readability of UrlManager…
cdaf6f5 
…::createUrl() method
@ggh2e3 ggh2e3 mentioned this issue Dec 24, 2023
Open
ggh2e3 added a commit to ggh2e3/yii2 that referenced this issue Dec 25, 2023
@ggh2e3
fix yiisoft#17191: improved consistency and readability of UrlManager…
ff01ff8 
…::createAbsoluteUrl(, ) method
@bizley bizley mentioned this issue Jan 3, 2024
Closed
@SamMousa SamMousa mentioned this issue Jan 3, 2024
Merged
@samdark samdark closed this as completed Jan 6, 2024
@rob006 rob006 mentioned this issue Jun 14, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@SamMousa SamMousa

Labels
type:bug Bug
Projects
None yet
Milestone
2.0.50
Development

No branches or pull requests
4 participants
@samdark @SamMousa @rob006 @bizley