From 44df5456ecee3e2afae620b0721db68d02b2e341 Mon Sep 17 00:00:00 2001
From: Sybille Peters <sypets@gmx.de>
Date: Sat, 14 Dec 2019 12:15:12 +0100
Subject: [PATCH] [BUGFIX] Convert URLs with ampersands in Linkvalidator

The linkref functions return the URLs as they are displayed in the
BE form. As a result, '&' is returned as the HTML entity '&amp;'.

Linkvalidator should correctly decode the HTML entity.

Resolves: #89488
Resolves: #89682
Releases: master, 9.5
Change-Id: I17b421354d45297423437373b92a93dfbe53d2d9
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62634
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Susanne Moog <look@susi.dev>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Susanne Moog <look@susi.dev>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
---
 .../Classes/Linktype/ExternalLinktype.php          |  1 +
 .../Tests/Unit/Linktype/ExternalLinktypeTest.php   | 14 ++++++++++++--
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/typo3/sysext/linkvalidator/Classes/Linktype/ExternalLinktype.php b/typo3/sysext/linkvalidator/Classes/Linktype/ExternalLinktype.php
index e6d04b8e0fe6..663221eee4b0 100644
--- a/typo3/sysext/linkvalidator/Classes/Linktype/ExternalLinktype.php
+++ b/typo3/sysext/linkvalidator/Classes/Linktype/ExternalLinktype.php
@@ -272,6 +272,7 @@ class ExternalLinktype extends AbstractLinktype
      */
     protected function preprocessUrl(string $url): string
     {
+        $url = html_entity_decode($url);
         $parts = parse_url($url);
         $newDomain = (string)HttpUtility::idn_to_ascii($parts['host']);
         if (strcmp($parts['host'], $newDomain) !== 0) {
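Review bot: The added `html_entity_decode($url)` at the top of preprocessUrl() runs with default flags, so it decodes every semicolon-terminated named or numeric entity, not only `&amp;`. The quote handling of those defaults also differs between PHP versions (ENT_COMPAT before 8.1, ENT_QUOTES | ENT_SUBSTITUTE from 8.1). Pinning flags and charset keeps the checked URL stable across runtimes: `$url = html_entity_decode($url, ENT_QUOTES | ENT_HTML401, 'UTF-8');`. The call also assumes the input is always the HTML-encoded form returned by the linkref functions; if a raw URL is passed in, the validator would check a different URL than the one stored, so a comment such as `// $url arrives HTML-encoded from the linkref functions; decode once before parsing` would make that contract explicit. The body of preprocessUrl() continues past the end of this hunk.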
diff --git a/typo3/sysext/linkvalidator/Tests/Unit/Linktype/ExternalLinktypeTest.php b/typo3/sysext/linkvalidator/Tests/Unit/Linktype/ExternalLinktypeTest.php
index fcb6430b4051..5c49658ebdbb 100644
--- a/typo3/sysext/linkvalidator/Tests/Unit/Linktype/ExternalLinktypeTest.php
+++ b/typo3/sysext/linkvalidator/Tests/Unit/Linktype/ExternalLinktypeTest.php
@@ -129,6 +129,16 @@ class ExternalLinktypeTest extends UnitTestCase
 
     public function preprocessUrlsDataProvider()
     {
+        // regression tests for issues #89488, #89682
+        yield 'URL with query parameter and ampersand' => [
+            'https://standards.cen.eu/dyn/www/f?p=204:6:0::::FSP_ORG_ID,FSP_LANG_ID:,22&cs=1A3FFBC44FAB6B2A181C9525249C3A829',
+            'https://standards.cen.eu/dyn/www/f?p=204:6:0::::FSP_ORG_ID,FSP_LANG_ID:,22&cs=1A3FFBC44FAB6B2A181C9525249C3A829'
+        ];
+        yield 'URL with query parameter and ampersand with HTML entities' => [
+            'https://standards.cen.eu/dyn/www/f?p=204:6:0::::FSP_ORG_ID,FSP_LANG_ID:,22&amp;cs=1A3FFBC44FAB6B2A181C9525249C3A829',
+            'https://standards.cen.eu/dyn/www/f?p=204:6:0::::FSP_ORG_ID,FSP_LANG_ID:,22&cs=1A3FFBC44FAB6B2A181C9525249C3A829'
+        ];
+
         // regression tests for #89378
         yield 'URL with path with dashes' => [
                 'https://example.com/Unternehmen/Ausbildung-Qualifikation/Weiterbildung-in-Niedersachsen/',
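Review bot: The two new data sets in preprocessUrlsDataProvider() only exercise `&amp;`, so nothing pins what the unconditional decode does to other entities. A case with a numeric reference such as `&#35;` would document whether the effect is intended, since it decodes to `#` and moves the fragment boundary that parse_url() sees. The provider starts in this hunk, but its remaining data sets lie outside it.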
@@ -142,9 +152,9 @@ class ExternalLinktypeTest extends UnitTestCase
             'http://example.com/universitaet/die-uni-im-ueberblick/lageplan/gebaeude/building/120',
             'http://example.com/universitaet/die-uni-im-ueberblick/lageplan/gebaeude/building/120'
             ];
-        yield 'URL with path and query parameters' => [
+        yield 'URL with path and query parameters (including &, ~,; etc.)' => [
             'http://example.com/tv?bcpid=1701167454001&amp;amp;amp;bckey=AQ~~,AAAAAGL7LqU~,aXlKNnCf9d9Tmck-kOc4PGFfCgHjM5JR&amp;amp;amp;bctid=1040702768001',
-            'http://example.com/tv?bcpid=1701167454001&amp;amp;amp;bckey=AQ~~,AAAAAGL7LqU~,aXlKNnCf9d9Tmck-kOc4PGFfCgHjM5JR&amp;amp;amp;bctid=1040702768001'
+            'http://example.com/tv?bcpid=1701167454001&amp;amp;bckey=AQ~~,AAAAAGL7LqU~,aXlKNnCf9d9Tmck-kOc4PGFfCgHjM5JR&amp;amp;bctid=1040702768001'
         ];
 
         // make sure we correctly handle URLs with query parameters and fragment etc.
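Review bot: The changed expectation for 'URL with path and query parameters' pins a single-pass decode: `&amp;amp;amp;` becomes `&amp;amp;`, so the URL that gets checked still contains literal entity text. That is easy to misread as a typo in the fixture. A comment above the data set such as `// only one level of entity encoding is removed; multiply-encoded input stays partly encoded` would record that it is deliberate. The new data set name also has uneven punctuation (`&, ~,; etc.`); `(including &, ~, ; etc.)` reads more cleanly.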
-- 
GitLab