Commit 1f3e0d8

committed
reject URLs with URL-encoded non UTF-8 characters in the host part
1 parent 6069cd9 commit 1f3e0d8

2 files changed

+19
-3
lines changed

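--- a/src/Symfony/Component/HtmlSanitizer/Tests/TextSanitizer/UrlSanitizerTest.php
+++ b/src/Symfony/Component/HtmlSanitizer/Tests/TextSanitizer/UrlSanitizerTest.php
@@ -568,8 +568,8 @@ public static function provideParse(): iterable
 'http://你好你好' => ['scheme' => 'http', 'host' => '你好你好'],
 'https://faß.ExAmPlE/' => ['scheme' => 'https', 'host' => 'faß.ExAmPlE'],
 'sc://faß.ExAmPlE/' => ['scheme' => 'sc', 'host' => 'faß.ExAmPlE'],
-'http://%30%78%63%30%2e%30%32%35%30.01' => ['scheme' => 'http', 'host' => '%30%78%63%30%2e%30%32%35%30.01'],
-'http://%30%78%63%30%2e%30%32%35%30.01%2e' => ['scheme' => 'http', 'host' => '%30%78%63%30%2e%30%32%35%30.01%2e'],
+'http://%30%78%63%30%2e%30%32%35%30.01' => null,
+'http://%30%78%63%30%2e%30%32%35%30.01%2e' => null,
 'http://0Xc0.0250.01' => ['scheme' => 'http', 'host' => '0Xc0.0250.01'],
 'http://./' => ['scheme' => 'http', 'host' => '.'],
 'http://../' => ['scheme' => 'http', 'host' => '..'],
@@ -689,7 +689,7 @@ public static function provideParse(): iterable
 'urn:ietf:rfc:2648' => ['scheme' => 'urn', 'host' => null],
 'tag:joe@example.org,2001:foo/bar' => ['scheme' => 'tag', 'host' => null],
 'non-special://%E2%80%A0/' => ['scheme' => 'non-special', 'host' => '%E2%80%A0'],
-'non-special://H%4fSt/path' => ['scheme' => 'non-special', 'host' => 'H%4fSt'],
+'non-special://H%4fSt/path' => null,
 'non-special://[1:2:0:0:5:0:0:0]/' => ['scheme' => 'non-special', 'host' => '[1:2:0:0:5:0:0:0]'],
 'non-special://[1:2:0:0:0:0:0:3]/' => ['scheme' => 'non-special', 'host' => '[1:2:0:0:0:0:0:3]'],
 'non-special://[1:2::3]:80/' => ['scheme' => 'non-special', 'host' => '[1:2::3]'],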
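Review bot: None of the three new rejections (gutter 571, 572, 692) probes the edges of the new host check: there is no case for a percent-encoded control character or space in the host (`%00`–`%20`), and the only accepted encoded host left, `non-special://%E2%80%A0/` on line 691, shows that high bytes (`%80`–`%FF`) still pass without any comment saying that is intended. Consider adding `'http://ex%20ample.com/' => null,` and `'http://ex%0aample.com/' => null,` after line 572 if the parser refuses them, or the corresponding accepted arrays if it does not — either way the behaviour becomes pinned rather than incidental (I cannot tell from this hunk which applies). An upper-case hex variant such as `'non-special://H%4FSt/path' => null,` beside line 692 would also show the check is case-insensitive on the hex digits. provideParse() starts and ends outside the hunk.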

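--- a/src/Symfony/Component/HtmlSanitizer/TextSanitizer/UrlSanitizer.php
+++ b/src/Symfony/Component/HtmlSanitizer/TextSanitizer/UrlSanitizer.php
@@ -100,6 +100,10 @@ public static function parse(string $url): ?array
 return null;
 }
 
+if (isset($parsedUrl['host']) && self::decodeUnreservedCharacters($parsedUrl['host']) !== $parsedUrl['host']) {
+return null;
+}
+
 return $parsedUrl;
 } catch (SyntaxError) {
 return null;
@@ -139,4 +143,16 @@ private static function matchAllowedHostParts(array $uriParts, array $trustedPar
 
 return true;
 }
+
+/**
+* Implementation borrowed from League\Uri\Encoder::decodeUnreservedCharacters().
+*/
+private static function decodeUnreservedCharacters(string $host): string
+{
+return preg_replace_callback(
+',%(2[1-9A-Fa-f]|[3-7][0-9A-Fa-f]|61|62|64|65|66|7[AB]|5F),',
+static fn (array $matches): string => rawurldecode($matches[0]),
+$host
+);
+}
 }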
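Review bot: The guard added at gutter 103 only rejects percent-encoded bytes in the 0x21–0x7F range — the pattern at gutter 153 matches `%21`–`%2F` and `%30`–`%7F` — so an encoded control character or space (`%00`–`%20`) or an encoded high byte (`%80`–`%FF`) in the host passes through unchanged, and the retained test for `non-special://%E2%80%A0/` confirms the latter is deliberate. That is the opposite of what the commit title says ("non UTF-8 characters"): what is refused is percent-encoded ASCII in the host, which presumably could otherwise alias a host that matchAllowedHostParts() would not recognise. Unless the League parser already refuses encoded control characters in the host (not visible here), consider widening the pattern to `',%[0-7][0-9A-Fa-f],'` — the `61|62|64|65|66|7[AB]|5F` alternatives are already subsumed by `[3-7][0-9A-Fa-f]` and can go. The method name promises "unreserved" but the pattern also decodes reserved delimiters such as `%2F`, `%3A` and `%40`, so a docblock line like `Decodes every percent-encoded printable ASCII byte (0x21–0x7F); parse() rejects any host that changes under this decoding.` would state the real contract. decodeUnreservedCharacters() is complete in the hunk; parse() begins before it.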
