Last modified: 2006-04-09 19:11:35 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T6781, the corresponding Phabricator task for complete and up-to-date bug report information.

Bug 4781 - %26 (= &) in Weblink-URL


Summary:	%26 (= &) in Weblink-URL

Status:	RESOLVED FIXED

Product:	MediaWiki
Classification:	Unclassified
Component:	Parser (Other open bugs)
Version:	1.6.x
Hardware:	All All

Importance:	Normal normal (vote)
Target Milestone:	---
Assigned To:	Brion Vibber

URL:	https://ticket.wikimedia.org/otrs/ind...
Whiteboard:
Keywords:

Duplicates:	5064 5214 5267 (view as bug list)
Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2006-01-28 19:07 UTC by Raimond Spekking
Modified:	2006-04-09 19:11 UTC (History)
CC List:	4 users (show)

See Also:
Web browser:	---
Mobile Platform:	---
Assignee Huggle Beta Tester:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Raimond Spekking 2006-01-28 19:07:58 UTC

The URL 

http://topaz.snl.ch/cgi-bin/gw/chameleon?host=localhost%2b3603%2bDEFAULT&function=INITREQ&SourceScreen=FREEFORM&skin=helveticat&conf=.%2fchameleon.conf&lng=de&itemu1=0&u1=0&t1=(aw%3aludwig%20%26%20aw%3ageorg%20%26%20aw%3acourvoisier)&elementcount=3&pos=1&prevpos=1&beginsrch=1

inserted in an article is converted into 

http://topaz.snl.ch/cgi-bin/gw/chameleon?host=localhost+3603+DEFAULT&function=INITREQ&SourceScreen=FREEFORM&skin=helveticat&conf=.%2fchameleon.conf&lng=de&itemu1=0&u1=0&t1=(aw:ludwig%20%26%20aw:georg%20&%20aw:courvoisier)&elementcount=3&pos=1&prevpos=1&beginsrch=1

(see [[de:Benutzer:Raymond/TestURL]])
This converted URL gives an error at topaz.snl.ch.
I have found out, that decoding of %26 to & in the (...)-part of the URL makes
the problem. The searchengine of topaz.snl.ch needs %26 instead of & for
combining two or more searchwords. I don't know if this is a bug or a feature,
of mediawiki or topaz.snl.ch.

Raymond.

Comment 1 Brion Vibber 2006-01-28 20:08:52 UTC

Seems to be a regression in 1.6; works fine in 1.5.

Comment 2 Brion Vibber 2006-01-28 20:26:30 UTC

The problem is in Parser::replaceUnusualEscapes, which was added to normalize escaping
in URL hostnames to make it harder to skip around spam blacklists. However it's
working over the *entire* URL and isn't excluding '+'.

As far as I can tell + isn't allowed in hostnames, but some browsers (at least Safari)
do allow using it.

Either + should be excluded in this processing, or the processing should be restricted
to the hostname portion of the URL.

Comment 3 Brion Vibber 2006-02-22 19:44:45 UTC

*** Bug 5064 has been marked as a duplicate of this bug. ***

Comment 4 Brion Vibber 2006-03-16 18:13:40 UTC

*** Bug 5267 has been marked as a duplicate of this bug. ***

Comment 5 Brion Vibber 2006-03-17 00:30:59 UTC

Added parser test cases, going to poke at this...

Comment 6 Brion Vibber 2006-04-09 19:11:35 UTC

*** Bug 5214 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.

Wikimedia Bugzilla is closed!

Search

Personal tools

Navigation

Links