8000 minor #60090 [HtmlSanitizer] reject URLs with URL-encoded non UTF-8 c… · symfony/symfony@9645b9e · GitHub


Commit 9645b9e

minor #60090 [HtmlSanitizer] reject URLs with URL-encoded non UTF-8 characters in the host part (xabbuh)
This PR was merged into the 6.4 branch. Discussion ---------- [HtmlSanitizer] reject URLs with URL-encoded non UTF-8 characters in the host part | Q | A | ------------- | --- | Branch? | 6.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Issues | | License | MIT following thephpleague/uri-interfaces@40f64d3 Commits ------- 1f3e0d8 reject URLs with URL-encoded non UTF-8 characters in the host part
2 parents aa0b1ba + 1f3e0d8 commit 9645b9e

2 files changed

+19
-3
lines changed


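--- a/src/Symfony/Component/HtmlSanitizer/Tests/TextSanitizer/UrlSanitizerTest.php
+++ b/src/Symfony/Component/HtmlSanitizer/Tests/TextSanitizer/UrlSanitizerTest.php
@@ -568,8 +568,8 @@ public static function provideParse(): iterable
 'http://你好你好' => ['scheme' => 'http', 'host' => '你好你好'],
 'https://faß.ExAmPlE/' => ['scheme' => 'https', 'host' => 'faß.ExAmPlE'],
 'sc://faß.ExAmPlE/' => ['scheme' => 'sc', 'host' => 'faß.ExAmPlE'],
-'http://%30%78%63%30%2e%30%32%35%30.01' => ['scheme' => 'http', 'host' => '%30%78%63%30%2e%30%32%35%30.01'],
-'http://%30%78%63%30%2e%30%32%35%30.01%2e' => ['scheme' => 'http', 'host' => '%30%78%63%30%2e%30%32%35%30.01%2e'],
+'http://%30%78%63%30%2e%30%32%35%30.01' => null,
+'http://%30%78%63%30%2e%30%32%35%30.01%2e' => null,
 'http://0Xc0.0250.01' => ['scheme' => 'http', 'host' => '0Xc0.0250.01'],
 'http://./' => ['scheme' => 'http', 'host' => '.'],
 'http://../' => ['scheme' => 'http', 'host' => '..'],
@@ -689,7 +689,7 @@ public static function provideParse(): iterable
 'urn:ietf:rfc:2648' => ['scheme' => 'urn', 'host' => null],
 'tag:joe@example.org,2001:foo/bar' => ['scheme' => 'tag', 'host' => null],
 'non-special://%E2%80%A0/' => ['scheme' => 'non-special', 'host' => '%E2%80%A0'],
-'non-special://H%4fSt/path' => ['scheme' => 'non-special', 'host' => 'H%4fSt'],
+'non-special://H%4fSt/path' => null,
 'non-special://[1:2:0:0:5:0:0:0]/' => ['scheme' => 'non-special', 'host' => '[1:2:0:0:5:0:0:0]'],
 'non-special://[1:2:0:0:0:0:0:3]/' => ['scheme' => 'non-special', 'host' => '[1:2:0:0:0:0:0:3]'],
 'non-special://[1:2::3]:80/' => ['scheme' => 'non-special', 'host' => '[1:2::3]'],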

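--- a/src/Symfony/Component/HtmlSanitizer/TextSanitizer/UrlSanitizer.php
+++ b/src/Symfony/Component/HtmlSanitizer/TextSanitizer/UrlSanitizer.php
@@ -100,6 +100,10 @@ public static function parse(string $url): ?array
 return null;
 }
 
+if (isset($parsedUrl['host']) && self::decodeUnreservedCharacters($parsedUrl['host']) !== $parsedUrl['host']) {
+return null;
+}
+
 return $parsedUrl;
 } catch (SyntaxError) {
 return null;
@@ -139,4 +143,16 @@ private static function matchAllowedHostParts(array $uriParts, array $trustedPar
 
 return true;
 }
+
+/**
+* Implementation borrowed from League\Uri\Encoder::decodeUnreservedCharacters().
+*/
+private static function decodeUnreservedCharacters(string $host): string
+{
+return preg_replace_callback(
+',%(2[1-9A-Fa-f]|[3-7][0-9A-Fa-f]|61|62|64|65|66|7[AB]|5F),',
+static fn (array $matches): string => rawurldecode($matches[0]),
+$host
+);
+}
 }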
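Review bot: In the new decodeUnreservedCharacters() helper, preg_replace_callback() returns null on a PCRE failure, and the declared `string` return type then turns that into a TypeError escaping parse(), whereas every other failure in parse() (visible in the first hunk and the `catch (SyntaxError)` below it) yields null. Declaring the helper as `private static function decodeUnreservedCharacters(string $host): ?string` keeps the rejection fail-closed without touching the caller, since the existing `!== $parsedUrl['host']` comparison is already true for null. The docblock also oversells the pattern: `[3-7][0-9A-Fa-f]` matches every byte %30–%7F (including %3A, %3F, %40, %5B, %5D, which are not unreserved) and already subsumes the `61|62|64|65|66|7[AB]|5F` alternatives, so the effective rule is "any host still carrying a percent-encoded printable ASCII byte is rejected"; whether that matches the League implementation it cites I cannot confirm from here. A why-comment above the new check in parse() would help the next reader, e.g. `// The parser does not normalize percent-encoded hosts, so reject them outright rather than risk a host that evades the allow-list comparison in matchAllowedHostParts().`, with the hedge that the allow-list bypass is my inference from the method name, not something the hunk shows.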
