
%26 (= &) in Weblink-URL
Closed, Resolved, Public

Description

The URL

http://topaz.snl.ch/cgi-bin/gw/chameleon?host=localhost%2b3603%2bDEFAULT&function=INITREQ&SourceScreen=FREEFORM&skin=helveticat&conf=.%2fchameleon.conf&lng=de&itemu1=0&u1=0&t1=(aw%3aludwig%20%26%20aw%3ageorg%20%26%20aw%3acourvoisier)&elementcount=3&pos=1&prevpos=1&beginsrch=1

inserted in an article is converted into

http://topaz.snl.ch/cgi-bin/gw/chameleon?host=localhost+3603+DEFAULT&function=INITREQ&SourceScreen=FREEFORM&skin=helveticat&conf=.%2fchameleon.conf&lng=de&itemu1=0&u1=0&t1=(aw:ludwig%20%26%20aw:georg%20&%20aw:courvoisier)&elementcount=3&pos=1&prevpos=1&beginsrch=1

(see [[de:Benutzer:Raymond/TestURL]])
This converted URL gives an error at topaz.snl.ch.
I have found out that decoding of %26 to & in the (...) part of the URL causes
the problem. The search engine of topaz.snl.ch needs %26 instead of & for
combining two or more search words. I don't know if this is a bug or a feature
of MediaWiki or topaz.snl.ch.

Raymond.


Version: 1.6.x
Severity: normal
URL: https://ticket.wikimedia.org/otrs/index.pl?Action=AgentTicketZoom&TicketID=136235

Details

Reference
bz4781

Event Timeline

bzimport raised the priority of this task from to Medium. Nov 21 2014, 9:04 PM
bzimport added a project: MediaWiki-Parser.
bzimport set Reference to bz4781.

Seems to be a regression in 1.6; works fine in 1.5.

The problem is in Parser::replaceUnusualEscapes, which was added to normalize escaping
in URL hostnames to make it harder to skip around spam blacklists. However, it's
working over the *entire* URL and isn't excluding '+'.

As far as I can tell + isn't allowed in hostnames, but some browsers (at least Safari)
do allow using it.

Either + should be excluded in this processing, or the processing should be restricted
to the hostname portion of the URL.
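
To illustrate the two options in the comment above, here is an added example (not part of the original thread and not MediaWiki's code) that compares unescaping over an entire URL with normalization restricted to the hostname. The helper names, the sample URL and the choice to decode only RFC 3986 unreserved characters in the host are assumptions.

```php
<?php
// Added illustration: hypothetical helpers, not MediaWiki's Parser code.

const PRINTABLE  = '/[!-$&-~]/';          // any printable ASCII except space and '%'
const UNRESERVED = '/[A-Za-z0-9._~-]/';   // RFC 3986 unreserved characters

/** Decode %XX escapes whose decoded byte matches $allowed; keep the rest. */
function decodeEscapes(string $s, string $allowed): string {
    return preg_replace_callback(
        '/%([0-9A-Fa-f]{2})/',
        function (array $m) use ($allowed): string {
            $ch = chr(hexdec($m[1]));
            return preg_match($allowed, $ch) ? $ch : $m[0];
        },
        $s
    );
}

/** Simplified form of the reported failure: unescape across the entire URL. */
function normalizeWholeUrl(string $url): string {
    return decodeEscapes($url, PRINTABLE);
}

/** Unescape and lowercase the host only; path, query and fragment pass through. */
function normalizeHostOnly(string $url): string {
    // 1: scheme:// plus optional userinfo@   2: host[:port]   3: the rest
    if (!preg_match('!^([a-z][a-z0-9+.-]*://(?:[^/?#@]*@)?)([^/?#]*)(.*)$!is', $url, $m)) {
        return $url; // no authority component: leave unchanged
    }
    return $m[1] . strtolower(decodeEscapes($m[2], UNRESERVED)) . $m[3];
}

/** Query parameters as the receiving server-side script would parse them. */
function queryParams(string $url): array {
    parse_str((string) parse_url($url, PHP_URL_QUERY), $params);
    return $params;
}

// Constructed URL modelled on the report: %2b and %26 are data, not delimiters.
$url = 'http://EX%61MPLE.org/find?host=localhost%2b3603&t1=(aw%3aludwig%20%26%20aw%3ageorg)';

foreach (['whole URL' => normalizeWholeUrl($url), 'host only' => normalizeHostOnly($url)] as $label => $out) {
    echo "$label: $out\n  ", json_encode(queryParams($out)), "\n";
}
```

In the whole-URL output the bare & ends the t1 value early and the + reaches the server as a space. The host-only output leaves both parameters intact while still canonicalising the hostname for blacklist matching.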

*** Bug 5064 has been marked as a duplicate of this bug. ***

*** Bug 5267 has been marked as a duplicate of this bug. ***

Added parser test cases, going to poke at this...

*** Bug 5214 has been marked as a duplicate of this bug. ***