diff options
author | Christoph M. Becker <cmbecker69@gmx.de> | 2021-01-19 11:23:25 +0100 |
---|---|---|
committer | Stanislav Malyshev <stas@php.net> | 2021-01-26 22:54:58 -0800 |
commit | 4a89e726bd4d0571991dc22a9a1ad4509e8fe347 (patch) | |
tree | 6a765ee94c98576275a55e7d87501ed351656cae /ext/standard/tests/strings/hex2bin_basic.phpt | |
parent | 491488d21707062fa8e9b9187db3585fb0d347da (diff) | |
download | php-git-4a89e726bd4d0571991dc22a9a1ad4509e8fe347.tar.gz |
Alternative fix for bug 77423
That bug report originally was about `parse_url()` misbehaving, but the
security aspect was actually only regarding `FILTER_VALIDATE_URL`.
Since the changes to `parse_url_ex()` apparently affect userland code
which is relying on the sloppy URL parsing[1], this alternative
restores the old parsing behavior, but ensures that the userinfo is
checked for correctness for `FILTER_VALIDATE_URL`.
[1] <https://github.com/php/php-src/commit/5174de7cd33c3d4fa591c9c93859ff9989b07e8c#commitcomment-45967652>
Diffstat (limited to 'ext/standard/tests/strings/hex2bin_basic.phpt')
0 files changed, 0 insertions, 0 deletions