X-Git-Url: https://git.m6w6.name/?p=m6w6%2Fext-http;a=blobdiff_plain;f=php_http_url.c;h=d7829622bcaea55045bbf9cb72a27ca90528d15d;hp=14ad6f7067b6444577571e8046e17e0f7b71979c;hb=1bb638a357d62a0b8e5fa2822cf1ca50d16204c6;hpb=860f294514633abead8ed6df000655a93e98a30c

diff --git a/php_http_url.c b/php_http_url.c
index 14ad6f7..d782962 100644
--- a/php_http_url.c
+++ b/php_http_url.c
@@ -554,8 +554,8 @@ HashTable *php_http_url_to_struct(const php_http_url_t *url, zval *strct TSRMLS_
 
 ZEND_RESULT_CODE php_http_url_encode_hash(HashTable *hash, const char *pre_encoded_str, size_t pre_encoded_len, char **encoded_str, size_t *encoded_len TSRMLS_DC)
 {
-	const char *arg_sep_str;
-	size_t arg_sep_len;
+	const char *arg_sep_str = "&";
+	size_t arg_sep_len = 1;
 	php_http_buffer_t *qstr = php_http_buffer_new();
 
 	php_http_url_argsep(&arg_sep_str, &arg_sep_len TSRMLS_CC);
@@ -1271,7 +1271,7 @@ static const char *parse_query(struct parse_state *state)
 	tmp = ++state->ptr;
 	state->url.query = &state->buffer[state->offset];
 
-	while(state->ptr < state->end) {
+	while (state->ptr < state->end) {
 		switch (*state->ptr) {
 		case '#':
 			goto done;
@@ -1288,8 +1288,11 @@ static const char *parse_query(struct parse_state *state)
 			state->buffer[state->offset++] = *state->ptr;
 			break;
 
-		case ']':
-		case '[':
+		/* RFC1738 unsafe */
+		case '{': case '}':
+		case '<': case '>':
+		case '[': case ']':
+		case '|': case '\\': case '^': case '`': case '"': case ' ':
 			if (state->flags & PHP_HTTP_URL_PARSE_TOPCT) {
 				state->buffer[state->offset++] = '%';
 				state->buffer[state->offset++] = parse_xdigits[((unsigned char) *state->ptr) >> 4];
@@ -1361,6 +1364,19 @@ static const char *parse_fragment(struct parse_state *state)
 			state->buffer[state->offset++] = *state->ptr;
 			break;
 
+		/* RFC1738 unsafe */
+		case '{': case '}':
+		case '<': case '>':
+		case '[': case ']':
+		case '|': case '\\': case '^': case '`': case '"': case ' ':
+			if (state->flags & PHP_HTTP_URL_PARSE_TOPCT) {
+				state->buffer[state->offset++] = '%';
+				state->buffer[state->offset++] = parse_xdigits[((unsigned char) *state->ptr) >> 4];
+				state->buffer[state->offset++] = parse_xdigits[((unsigned char) *state->ptr) & 0xf];
+				break;
+			}
+			/* no break */
+
 		case '?': case '/':
 		case '!': case '$': case '&': case '\'': case '(': case ')': case '*':
 		case '+': case ',': case ';': case '=': /* sub-delims */
@@ -1571,7 +1587,7 @@ ZEND_END_ARG_INFO();
 PHP_METHOD(HttpUrl, mod)
 {
 	zval *new_url = NULL;
-	long flags = PHP_HTTP_URL_JOIN_PATH | PHP_HTTP_URL_JOIN_QUERY;
+	long flags = PHP_HTTP_URL_JOIN_PATH | PHP_HTTP_URL_JOIN_QUERY | PHP_HTTP_URL_SANITIZE_PATH;
 	zend_error_handling zeh;
 
 	php_http_expect(SUCCESS == zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "z!|l", &new_url, &flags), invalid_arg, return);