phpBB3 / PHPBB3-9420

BBCode - Unable to use a proper URI token

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.x
    • Fix Version/s: 3.0.13-RC1, 3.1.0-b1
    • Component/s: Other
    • Labels:
      None

      Description

      I'll use the wiki BBCode to illustrate my example.

      Let's say you have the following BBCode:

      [wiki={TOKEN}]{TEXT}[/wiki]

      and HTML replacement:

      <a href="http://wiki.phpbb.com/{TOKEN}">{TEXT}</a>

      The problem here is that with the existing tokens:

      {TEXT} - Any text, including foreign characters, numbers, etc...
      {SIMPLETEXT} - Characters from the latin alphabet (A-Z), numbers, spaces, commas, dots, minus, plus, hyphen and underscore
      {IDENTIFIER} - Characters from the latin alphabet (A-Z), numbers, hyphen and underscore
      {NUMBER} - Any series of digits
      {EMAIL} - A valid e-mail address
      {URL} - A valid URL using any protocol (http, ftp, etc... cannot be used for javascript exploits).
      {LOCAL_URL} - A local URL. The URL must be relative to the topic page.
      - A HTML colour

      It is not possible to safely use a URL that contains anchors (#) or forward slashes, i.e. only {TEXT} would currently allow it.
      If there could be an additional token to use that would include the following:

      {URI_STRING} - Characters from the latin alphabet (A-Z), numbers, dots, minus, plus, underscore, ampersand, question (debatable), colon, forward slash.

      While percent would be nice to have, I think hackers would agree.
      Chars I believe need to be specifically avoided: percent, semi-colon, two successive dots, two successive forward slashes.
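
The character rules proposed in the description above, written as an allow-list check for a template that fixes the scheme and host (an added example, not phpBB's code or the reporter's). The function names are hypothetical, and `#` and `=` are rejected because the listed character set does not include them.

```php
<?php
// Added example, not phpBB code: uri_string_is_valid() and render_wiki_link()
// are hypothetical names. The character rules are the ones listed in the report.

function uri_string_is_valid(string $value): bool
{
    // Allow-list from the report: latin letters, digits, dot, minus, plus,
    // underscore, ampersand, question mark, colon, forward slash.
    // Percent, semi-colon, '#' and '=' are outside the set and fail here.
    // The D modifier stops "$" from matching before a trailing newline.
    if (!preg_match('#^[A-Za-z0-9.+_&?:/-]+$#D', $value)) {
        return false;
    }
    // Sequences the report singles out: two successive dots or slashes.
    foreach (array('..', '//') as $sequence) {
        if (strpos($value, $sequence) !== false) {
            return false;
        }
    }
    return true;
}

function render_wiki_link(string $token, string $text): ?string
{
    if (!uri_string_is_valid($token)) {
        return null; // caller leaves the BBCode unparsed
    }
    // Scheme and host are fixed by the template; the token only fills what
    // follows the host. Both values are escaped for the HTML context.
    return '<a href="http://wiki.phpbb.com/'
        . htmlspecialchars($token, ENT_QUOTES, 'UTF-8') . '">'
        . htmlspecialchars($text, ENT_QUOTES, 'UTF-8') . '</a>';
}

// Constructed sample values, not taken from the report.
$samples = array(
    'Main_Page', 'Modding/Tutorials?edit&raw', 'a/../b', 'x//y',
    'a%2e%2e/b', 'a;b', "Main_Page\n", 'Page#Section', 'Page?action=edit',
);
foreach ($samples as $sample) {
    $verdict = uri_string_is_valid($sample) ? 'accepted' : 'rejected';
    printf("%-32s %s\n", json_encode($sample), $verdict);
}
echo render_wiki_link('Modding/Tutorials?edit&raw', 'Tutorials <b>'), "\n";
```

Only the first two samples are accepted; the last two show that the set as listed cannot carry a fragment or a `key=value` query string.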


          Activity

          bantu Andreas Fischer added a comment -

          Solution could be: Adding "{URL_PART} - Path, query string and fragment of a URL."

          brunoais brunoais added a comment -

          Is this being solved?

          nickvergessen Joas Schilling added a comment -

          This should be covered by the INTTEXT type that was added in a 3.0.x Version:

          Unicode letter characters, numbers, spaces, commas, dots, minus, plus, hyphen, underscore and whitespaces.

          or am I missing something here?

          nickvergessen Joas Schilling added a comment -

          Resolved by {RELATIVE_URL} which was added in PHPBB3-8319


            People

            • Assignee:
              nickvergessen Joas Schilling
              Reporter:
              Highway of Life David Lewis [X] (Inactive)