[4364] 2.0 RC3 - urls that contain [brackets] are truncated

Started by rbeuker, May 13, 2010, 08:26:49 AM


rbeuker

When you try to use a link like the one below, SMF will truncate it:

http://www.trosradar.nl/index.php?id=artikel_detail&tx_ttnews[tt_news]=27928&cHash=ad35a38d5899c4d722702bda6f8bd7dc

Example:
=27928&cHash=ad35a38d5899c4d722702bda6f8bd7dc]http://www.trosradar.nl/index.php?id=artikel_detail&tx_ttnews[tt_news]=27928&cHash=ad35a38d5899c4d722702bda6f8bd7dc

We have solved it, by manually replacing the brackets:

[  becomes %5B
]  becomes %5D


So after doing the manual changes, the link looks like:

http://www.trosradar.nl/index.php?id=artikel_detail&tx_ttnews%5Btt_news%5D=27928&cHash=ad35a38d5899c4d722702bda6f8bd7dc

And now it works:

http://www.trosradar.nl/index.php?id=artikel_detail&tx_ttnews%5Btt_news%5D=27928&cHash=ad35a38d5899c4d722702bda6f8bd7dc

Could this be fixed in RC4? :)

Thanks,

Ronald

Arantor

It only truncates it if you let it try to auto convert to URLs, and this has been discussed before, in this very board in fact.

Specifically: http://www.simplemachines.org/community/index.php?topic=363099.0
See also: http://www.simplemachines.org/community/index.php?topic=377762.0

rbeuker

Quote from: Arantor on May 13, 2010, 08:30:12 AM
It only truncates it if you let it try to auto convert to URLs

I'm using the [url] and [/url] tags to create the URL.

Does that mean that I'm trying to auto convert to URLs?
If yes, how could I prevent this auto conversion?  :)

Arantor

Hmm, I assumed you were just posting the URL itself, which would attempt to auto convert.

What *exactly* are you typing?

rbeuker

Wow, you're fast!   8)

Ok, here goes:

The first line below shows what I will enter on the 2nd line:

[url]http://www.trosradar.nl/index.php?id=artikel_detail&tx_ttnews[tt_news]=27928&cHash=ad35a38d5899c4d722702bda6f8bd7dc[/url]

=27928&cHash=ad35a38d5899c4d722702bda6f8bd7dc]http://www.trosradar.nl/index.php?id=artikel_detail&tx_ttnews[tt_news]=27928&cHash=ad35a38d5899c4d722702bda6f8bd7dc
This is a mess...  :-\

And now another test, using the manual fix (note that, in the middle of the URL, I have replaced the opening bracket with %5B and I have replaced the closing bracket with %5E)

[url]http://www.trosradar.nl/index.php?id=artikel_detail&tx_ttnews%5Btt_news%5D=27928&cHash=ad35a38d5899c4d722702bda6f8bd7dc[/url]

http://www.trosradar.nl/index.php?id=artikel_detail&tx_ttnews%5Btt_news%5D=27928&cHash=ad35a38d5899c4d722702bda6f8bd7dc
And this works!!  ;D


And let's also try *without* using the url tags--in other words, using the automatic conversion by SMF:

Using the original URL:
http://www.trosradar.nl/index.php?id=artikel_detail&tx_ttnews[tt_news]=27928&cHash=ad35a38d5899c4d722702bda6f8bd7dc
Nope, not working... although it looks better than the 1st URL in this message.

Using the manually fixed URL:
http://www.trosradar.nl/index.php?id=artikel_detail&tx_ttnews%5Btt_news%5D=27928&cHash=ad35a38d5899c4d722702bda6f8bd7dc
Yes, this also works! :)


By the way, I wholeheartedly agree that websites should not use square brackets in their URLs. Still, it would be great if SMF could handle them (in particular when the url tags are used). :D

Where/how could I suggest this for a 2.0 RC4 version?

Arantor

You've already suggested it in the right place - it's a bug, I suppose.

This bug will affect every version of SMF, if I'm not mistaken, because it's a fundamental of how the bbcode parser works.

As an interim measure you can use [html] and post raw <a href> links or the fixed ones you've found.

MultiformeIngegno

RockCiclopedia (wiki - forum), the whole history of rock, written by you ...
Stay up to date on the world of music with the new feed "RockCiclopedia Music News"!

rbeuker


Norv

I think we should keep this in mind for the next version (after 2.0).
Thank you for the report and the explanations.
To-do lists are for deferral. The more things you write down the later they're done... until you have 100s of lists of things you don't do.

File a security report | Developers' Blog | Bug Tracker


Also known as Norv on D* | Norv N. on G+ | Norv on Github

rbeuker

No problem! :)

Is this in the Bug Tracker yet? (I have tried finding it myself, but have not found it)

Norv

It is tracked, yes, though for the time being (only for a little while longer) the project it is tracked for is not public yet. :)
Around the release of 2.0 gold, the data gathered for the next SMF version should be sorted out too, and it will be public as well.

Norv


Oya

except there are plenty of cases where it is used in a url even in smf itself...

Norv

It really should not be.
Can you please tell, to what uses do you refer?

Oya

ok maybe i was slightly hasty

it IS used any time you have multiple form elements with the same name but mostly these aren't sent by GET

the search system in particular uses it to identify boards to be searched - for example the contextual search for this board adds:
<input type="hidden" name="brd[37]" value="37">

your mod site definitely DOES use it though - searching for smf 20rc2 and 20rc3 gives you

http://custom.simplemachines.org/mods/index.php?action=search;downloads=;smf_versions[]=54;smf_versions[]=51;bool=or;asc;start=10

while it isn't necessarily valid html it does get used in GET for search purposes

Norv

If they're sent by POST it is not an issue IMHO - it is not in the URL. :)

Thank you for the notification about mod site... I don't seem to manage to replicate that though.

rbeuker

Quote from: Norv on September 26, 2010, 01:18:52 PM
According to http://tools.ietf.org/html/rfc3986#section-2.2, brackets in URLs are not valid. This cannot be considered a SMF bug.

I disagree. The brackets are listed on the line that shows the 'gen-delims'

gen-delims  = ":" / "/" / "?" / "#" / "[" / "]" / "@"

These delimiters may not be used a lot, but they are valid according to this RFC. I assume SMF is not parsing them correctly, because it thinks there'll be some bbc tag?

Anyway, even if you insist that this is not a bug, there's still an easy fix:

[  becomes %5B
]  becomes %5D


How about agreeing to disagree, and still implementing this fix^H^H^Hworkaround? :P
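
The %5B / %5D workaround discussed in this thread, as an added example that is not part of any post and is not SMF's own code: a PHP pre-processing pass that percent-encodes square brackets inside [url]...[/url] bodies before the text reaches a BBCode parser. The function names and sample input are assumptions made for illustration; only the plain [url]...[/url] form is handled, and brackets in the host part are left alone because RFC 3986 uses them for IPv6 literals.

```php
<?php
// Added example, not SMF code. encode_brackets_in_url() and
// preencode_url_tags() are hypothetical helper names.

// Percent-encode "[" and "]" everywhere except the authority, where
// RFC 3986 reserves them for IPv6 literals such as http://[2001:db8::1]/.
// Already-encoded %5B / %5D sequences are not touched, so the pass is
// safe to run more than once.
function encode_brackets_in_url(string $url): string
{
    // Group 1: scheme + authority. Group 2: path, query and fragment.
    if (!preg_match('~^([a-z][a-z0-9+.-]*://[^/?#]*)(.*)$~is', $url, $m)) {
        return $url; // no scheme://authority prefix: leave untouched
    }
    return $m[1] . strtr($m[2], ['[' => '%5B', ']' => '%5D']);
}

// Rewrite the body of every [url]...[/url] pair. The lazy match runs to
// the closing [/url] tag, so inner brackets such as tx_ttnews[tt_news]
// stay part of the URL instead of being read as tag delimiters.
function preencode_url_tags(string $post): string
{
    $out = preg_replace_callback(
        '~\[url\](.*?)\[/url\]~is',
        function (array $m): string {
            return '[url]' . encode_brackets_in_url(trim($m[1])) . '[/url]';
        },
        $post
    );
    return $out ?? $post; // preg error: fall back to the original text
}

// Constructed sample input modelled on the URL shapes in this thread.
$post = 'See [url]http://www.example.org/index.php?id=1&tx_ttnews[tt_news]=27928[/url] '
      . 'and [url]http://[2001:db8::1]/search?brd[37]=37[/url]';

echo preencode_url_tags($post), "\n";
```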



Something like that

rbeuker is right, here. When it talks of reserved characters, they are just legal characters with special meaning. They are part of a valid URI.

rbeuker


Norv

You're right, SMF should then be aware of them and treat them appropriately.

Moved back, to be dealt with.