Re: [symfony-users] Re: Escape %2f in URL solution
Hi Javier, I examined this for a short while and came to the conclusion that either you have to drop the requirement of having slashes in your parameter and find another solution or do the slightly unelegant str_replace(). Read more about it here: http://test.ical.ly/2010/07/20/how-you-run-into-problems-with-redirects-when-route-parameters-need-to-have-slashes-in-them/ Cheers /Christian On Wed, Mar 10, 2010 at 9:40 PM, Richtermeister nex...@gmail.com wrote: Hey Javier, I've come across this solution (simple string replace) a couple of times, and it works well for me so far, so I guess it's ok. Daniel On Mar 10, 10:03 am, Javier Sanchez javija...@gmail.com wrote: Hi all This is my problem. When i want to route with a parametrer slash / like :var = subprojectslug/pageslug symfony encoded slash to %2f and give a 404 error because apache desactivate the AllowEncodedSlashes for security I activate AllowEncodedSlashes On But i can't match url in a redirect and the URL is too ugly. Solution with AllowEncodedSlashes Off , go to core: sfRouting.class protected function fixGeneratedUrl($url, $absolute = false) { ... $url = str_ireplace('%2F', '/', $url); return $url; } This works... but, is a good solution? there are a better solution? is a dangerous fix and can affect to my project in other side? Thx Javier Sanchez Lopez -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] Re: Escape %2f in URL solution
You could always extract the variable manually from $_SERVER['REQUEST_URI'] On Tue, Jul 20, 2010 at 8:06 AM, Christian Schaefer cae...@gmail.com wrote: Hi Javier, I examined this for a short while and came to the conclusion that either you have to drop the requirement of having slashes in your parameter and find another solution or do the slightly unelegant str_replace(). Read more about it here: http://test.ical.ly/2010/07/20/how-you-run-into-problems-with-redirects-when-route-parameters-need-to-have-slashes-in-them/ Cheers /Christian On Wed, Mar 10, 2010 at 9:40 PM, Richtermeister nex...@gmail.com wrote: Hey Javier, I've come across this solution (simple string replace) a couple of times, and it works well for me so far, so I guess it's ok. Daniel On Mar 10, 10:03 am, Javier Sanchez javija...@gmail.com wrote: Hi all This is my problem. When i want to route with a parametrer slash / like :var = subprojectslug/pageslug symfony encoded slash to %2f and give a 404 error because apache desactivate the AllowEncodedSlashes for security I activate AllowEncodedSlashes On But i can't match url in a redirect and the URL is too ugly. Solution with AllowEncodedSlashes Off , go to core: sfRouting.class protected function fixGeneratedUrl($url, $absolute = false) { ... $url = str_ireplace('%2F', '/', $url); return $url; } This works... but, is a good solution? there are a better solution? is a dangerous fix and can affect to my project in other side? Thx Javier Sanchez Lopez -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -- Blue Horn Ltd - System Development http://bluehorn.co.nz -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: Escape %2f in URL solution
Hey Javier, I've come across this solution (simple string replace) a couple of times, and it works well for me so far, so I guess it's ok. Daniel On Mar 10, 10:03 am, Javier Sanchez javija...@gmail.com wrote: Hi all This is my problem. When i want to route with a parametrer slash / like :var = subprojectslug/pageslug symfony encoded slash to %2f and give a 404 error because apache desactivate the AllowEncodedSlashes for security I activate AllowEncodedSlashes On But i can't match url in a redirect and the URL is too ugly. Solution with AllowEncodedSlashes Off , go to core: sfRouting.class protected function fixGeneratedUrl($url, $absolute = false) { ... $url = str_ireplace('%2F', '/', $url); return $url; } This works... but, is a good solution? there are a better solution? is a dangerous fix and can affect to my project in other side? Thx Javier Sanchez Lopez -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en