From 6b1a9d4e4ea907effec0332ea1d8f02d8ca57948 Mon Sep 17 00:00:00 2001 From: Aryeh Gregor Date: Fri, 8 Aug 2008 15:45:52 +0000 Subject: [PATCH] Unescape more "safe" characters when producing URLs, for added prettiness. Checked against RFC 1738; should cause no problems if wfUrlencode() is only applied to bits of the URL after the domain name. And if it is applied to the domain name or protocol as well, this is probably less broken, if anything, not more, since hex escapes aren't permitted in the domain name or protocol part. --- RELEASE-NOTES | 1 + includes/GlobalFunctions.php | 23 +++++++++++++++++++---- 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 5ac8a1e815..42bedefd65 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -57,6 +57,7 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN being converted or not * (bug 14921) Special:Contributions/: add user name to Patch by Emufarmers +* Unescape more "safe" characters when producing URLs, for added prettiness === Bug fixes in 1.14 === diff --git a/includes/GlobalFunctions.php b/includes/GlobalFunctions.php index cfdec5cd4a..d70edbce27 100644 --- a/includes/GlobalFunctions.php +++ b/includes/GlobalFunctions.php @@ -151,16 +151,31 @@ function wfRandom() { } /** - * We want / and : to be included as literal characters in our title URLs. + * We want some things to be included as literal characters in our title URLs + * for prettiness, which urlencode encodes by default. According to RFC 1738, + * all of the following should be safe: + * + * ;:@&=$-_.+!*'(), + * + * But + is not safe because it's used to indicate a space; &= are only safe in + * paths and not in queries (and we don't distinguish here); ' seems kind of + * scary; and urlencode() doesn't touch -_. to begin with. Plus, although / + * is reserved, we don't care. So the list we unescape is: + * + * ;:@$!*(),/ + * * %2F in the page titles seems to fatally break for some reason. * * @param $s String: * @return string */ -function wfUrlencode ( $s ) { +function wfUrlencode( $s ) { $s = urlencode( $s ); - $s = preg_replace( '/%3[Aa]/', ':', $s ); - $s = preg_replace( '/%2[Ff]/', '/', $s ); + $s = str_ireplace( + array( '%3B','%3A','%40','%24','%21','%2A','%28','%29','%2C','%2F' ), + array( ';', ':', '@', '$', '!', '*', '(', ')', ',', '/' ), + $s + ); return $s; } -- 2.20.1