fix: query parameter parsed as character entity #194

bytestream · 2020-08-24T15:39:48Z

See first commit for failing test case.

Before:

<a href="https://domain.com/page.php?foo=bar&target=baz">https://domain.com/page.php?foo=bar&target=baz</a>

After:

<a href="https://domain.com/page.php?foo=bar&amp;target=baz">https://domain.com/page.php?foo=bar&amp;⌖=baz</a>

consumeData reads up to &target:

$this->text .= $this->scanner->charsUntil("<&\0");

On next iteration, & is detected as a character reference:

$tok = $this->scanner->current();

if ('&' === $tok) {
    // Character reference
    $ref = $this->decodeCharacterReference();

<a href="https://domain.com/page.php?foo=bar&target=baz">https://domain.com/page.php?foo=bar&target=baz</a>

https://www.w3.org/TR/html50/syntax.html#character-references states character references must always be terminated by ;. The current tokenizer only follows this logic for attributes.

goetas · 2020-09-01T09:06:01Z

This sounds legit. Thanks for providing the fix

jshah4517 · 2020-09-03T20:16:31Z

@goetas thanks for merging this, would it be possible for a new release?

jshah4517 · 2020-10-01T11:12:51Z

@goetas sorry to bump again, when you are free it would be great to have a new release so we can lock to it :-)

goetas · 2020-10-01T13:53:31Z

bytestream added 4 commits August 24, 2020 16:25

added test

db6e7e6

fix: character entity parsing

4f240ec

replaced assertStringContainsString with assertContains

19cb86c

phpcs

475f5f5

goetas merged commit dafd1c0 into Masterminds:master Sep 1, 2020

bytestream deleted the anchor-target-query-param branch September 10, 2020 17:09

Provide feedback