bug #34366 [HttpFoundation] Allow redirecting to URLs that contain a semicolon (JayBizzle)
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Allow redirecting to URLs that contain a semicolon
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| License | MIT
URLs that contain a semicolon cannot be redirected to at least in MS Edge and IE10.
Take the following example...
```
# https://ad.doubleclick.net/ddm/clk/450721234;254801234;l
// After redirect...
# https://ad.doubleclick.net/ddm/clk/450721234
```
Wrapping the URL in single quotes fixes the issue ([related reading](https://www.w3.org/TR/WCAG20-TECHS/H76.html))
Commits
-------
bd0637ebe4
[HttpFoundation] Allow redirecting to URLs that contain a semicolon
This commit is contained in:
commit
9e7c254460
|
@ -93,7 +93,7 @@ class RedirectResponse extends Response
|
|||
<html>
|
||||
<head>
|
||||
<meta charset="UTF-8" />
|
||||
<meta http-equiv="refresh" content="0;url=%1$s" />
|
||||
<meta http-equiv="refresh" content="0;url=\'%1$s\'" />
|
||||
|
||||
<title>Redirecting to %1$s</title>
|
||||
</head>
|
||||
|
|
|
@ -20,10 +20,7 @@ class RedirectResponseTest extends TestCase
|
|||
{
|
||||
$response = new RedirectResponse('foo.bar');
|
||||
|
||||
$this->assertEquals(1, preg_match(
|
||||
'#<meta http-equiv="refresh" content="\d+;url=foo\.bar" />#',
|
||||
preg_replace(['/\s+/', '/\'/'], [' ', '"'], $response->getContent())
|
||||
));
|
||||
$this->assertRegExp('#<meta http-equiv="refresh" content="\d+;url=\'foo\.bar\'" />#', preg_replace('/\s+/', ' ', $response->getContent()));
|
||||
}
|
||||
|
||||
public function testRedirectResponseConstructorNullUrl()
|
||||
|
|
Reference in New Issue