Skip to content

Commit

Permalink
[Routing] fix encoding of path segments '.' and '..'
Browse files Browse the repository at this point in the history
  • Loading branch information
@Tobion
Tobion committed Jul 3, 2012
1 parent e947782 commit 25d326b
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 1 deletion.
7 changes: 6 additions & 1 deletion src/Symfony/Component/Routing/Generator/UrlGenerator.php
View file
Expand Up @@ -179,13 +179,18 @@ protected function doGenerate($variables, $defaults, $requirements, $tokens, $pa
}
}

if (!$url) {
if ('' === $url) {
$url = '/';
}

// do not encode the contexts base url as it is already encoded (see Symfony\Component\HttpFoundation\Request)
$url = $this->context->getBaseUrl().strtr(rawurlencode($url), $this->decodedChars);

// the path segments "." and ".." are interpreted as relative reference when resolving a URI; see http://tools.ietf.org/html/rfc3986#section-3.3
// so we need to encode them as they are not used for this purpose here
// otherwise we would generate a URI that, when followed by a user agent (e.g. browser), does not match this route
$url = preg_replace(array('#/\.\.(/|$)#', '#/\.(/|$)#'), array('/%2E%2E$1', '/%2E$1'), $url);

// add a query string if needed
$extra = array_diff_key($originParameters, $variables, $defaults);
if ($extra && $query = http_build_query($extra, '', '&')) {
Expand Down
10 changes: 10 additions & 0 deletions src/Symfony/Component/Routing/Tests/Generator/UrlGeneratorTest.php
View file
Expand Up @@ -245,6 +245,16 @@ public function testUrlEncoding()
);
}

public function testEncodingOfRelativePathSegments()
{
$routes = $this->getRoutes('test', new Route('/dir/../dir/..'));
$this->assertSame('/app.php/dir/%2E%2E/dir/%2E%2E', $this->getGenerator($routes)->generate('test'));
$routes = $this->getRoutes('test', new Route('/dir/./dir/.'));
$this->assertSame('/app.php/dir/%2E/dir/%2E', $this->getGenerator($routes)->generate('test'));
$routes = $this->getRoutes('test', new Route('/a./.a/a../..a/...'));
$this->assertSame('/app.php/a./.a/a../..a/...', $this->getGenerator($routes)->generate('test'));
}

protected function getGenerator(RouteCollection $routes, array $parameters = array(), $logger = null)
{
$context = new RequestContext('/app.php');
Expand Down

0 comments on commit 25d326b

Please sign in to comment.