From 751e1d7f41a430ef5d03c5de87349c7196c92a44 Mon Sep 17 00:00:00 2001 From: Jan Schneider Date: Thu, 20 Jan 2011 10:57:16 +0100 Subject: [PATCH] As per RFC 3986 URI schemes are: ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ). --- framework/Core/lib/Horde.php | 7 ++++--- framework/Text_Filter/lib/Horde/Text/Filter/Linkurls.php | 2 +- wicked/lib/Wicked.php | 2 +- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/framework/Core/lib/Horde.php b/framework/Core/lib/Horde.php index 4774a849f..5012fd4ae 100644 --- a/framework/Core/lib/Horde.php +++ b/framework/Core/lib/Horde.php @@ -922,9 +922,10 @@ HTML; $puri = parse_url($uri); $url = ''; + $schemeRegexp = '|^([a-zA-Z][a-zA-Z0-9+.-]{0,19})://|'; $webroot = ltrim($GLOBALS['registry']->get('webroot', empty($opts['app']) ? null : $opts['app']), '/'); - if ($full && !isset($puri['scheme']) && !preg_match('|^([a-zA-Z0-9][\w+-]{0,19})://|', $webroot) ) { + if ($full && !isset($puri['scheme']) && !preg_match($schemeRegexp, $webroot) ) { /* Store connection parameters in local variables. */ $server_name = $GLOBALS['conf']['server']['name']; $server_port = $GLOBALS['conf']['server']['port']; @@ -961,9 +962,9 @@ HTML; $url = $puri['scheme'] . '://' . $puri['host']; } - if (isset($puri['path']) && substr($puri['path'], 0, 1) == '/' && !preg_match('|^([a-zA-Z0-9][\w+-]{0,19})://|', $webroot)) { + if (isset($puri['path']) && substr($puri['path'], 0, 1) == '/' && !preg_match($schemeRegexp, $webroot)) { $url .= $puri['path']; - } elseif (isset($puri['path']) && preg_match('|^([a-zA-Z0-9][\w+-]{0,19})://|', $webroot)) { + } elseif (isset($puri['path']) && preg_match($schemeRegexp, $webroot)) { $url = $webroot . (substr($puri['path'], 0, 1) != '/' ? '/' : '') . $puri['path']; } else { $url .= '/' . ($webroot ? $webroot . '/' : '') . (isset($puri['path']) ? $puri['path'] : ''); diff --git a/framework/Text_Filter/lib/Horde/Text/Filter/Linkurls.php b/framework/Text_Filter/lib/Horde/Text/Filter/Linkurls.php index 02b9a5bc1..1b2738f83 100644 --- a/framework/Text_Filter/lib/Horde/Text/Filter/Linkurls.php +++ b/framework/Text_Filter/lib/Horde/Text/Filter/Linkurls.php @@ -83,7 +83,7 @@ class Horde_Text_Filter_Linkurls extends Horde_Text_Filter_Base return array( 'regexp' => array( - '|([a-zA-Z0-9][\w+-]{0,19})://([^\s"<]*[\w+#?/&=])|e' => $replacement + '|^([a-zA-Z][a-zA-Z0-9+.-]{0,19})://([^\s"<]*[\w+#?/&=])|e' => $replacement ) ); } diff --git a/wicked/lib/Wicked.php b/wicked/lib/Wicked.php index b07f18099..f67096ead 100644 --- a/wicked/lib/Wicked.php +++ b/wicked/lib/Wicked.php @@ -82,7 +82,7 @@ class Wicked } $url = Horde::url($script, $full, array('append_session' => $append_session)); - $url->url = preg_replace('|^[a-zA-Z0-9][\w+-]{0,19}://[^/]*|', '', $url->url); + $url->url = preg_replace('|^([a-zA-Z][a-zA-Z0-9+.-]{0,19})://[^/]*|', '', $url->url); return $url; } -- 2.11.0