summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2016-07-25 09:30:04 +0200
committerGitHub <noreply@github.com>2016-07-25 09:30:04 +0200
commit121aea89e2eb6a4d48de83d2618b263b5c87dd75 (patch)
treee09d2f5f407cd7dd835b76dd7957ba773d91d1b0
parenta270d6853aff2f8ea7ef2d5d78329dd458e5ad36 (diff)
parent5afba5a8c444d608712174665288aa10237e8b27 (diff)
Merge pull request #4725 from tianhe1986/develop_url_encode_case_insensitive
Fix remove_invisible_characters() for URL-encoded characters in upper case
-rw-r--r--system/core/Common.php4
-rw-r--r--tests/codeigniter/core/Common_test.php12
2 files changed, 14 insertions, 2 deletions
diff --git a/system/core/Common.php b/system/core/Common.php
index 85e18e406..d66649f59 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -716,8 +716,8 @@ if ( ! function_exists('remove_invisible_characters'))
// carriage return (dec 13) and horizontal tab (dec 09)
if ($url_encoded)
{
- $non_displayables[] = '/%0[0-8bcef]/'; // url encoded 00-08, 11, 12, 14, 15
- $non_displayables[] = '/%1[0-9a-f]/'; // url encoded 16-31
+ $non_displayables[] = '/%0[0-8bcef]/i'; // url encoded 00-08, 11, 12, 14, 15
+ $non_displayables[] = '/%1[0-9a-f]/i'; // url encoded 16-31
}
$non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127
diff --git a/tests/codeigniter/core/Common_test.php b/tests/codeigniter/core/Common_test.php
index 81a185eaf..ca19e5de0 100644
--- a/tests/codeigniter/core/Common_test.php
+++ b/tests/codeigniter/core/Common_test.php
@@ -54,4 +54,16 @@ class Common_test extends CI_TestCase {
);
}
+ // ------------------------------------------------------------------------
+
+ public function test_remove_invisible_characters()
+ {
+ $raw_string = 'Here is a string containing invisible'.chr(0x08).' text %0e.';
+ $removed_string = 'Here is a string containing invisible text %0e.';
+ $this->assertEquals($removed_string, remove_invisible_characters($raw_string, FALSE));
+
+ $raw_string = 'Here is a string %0econtaining url_encoded invisible%1F text.';
+ $removed_string = 'Here is a string containing url_encoded invisible text.';
+ $this->assertEquals($removed_string, remove_invisible_characters($raw_string));
+ }
} \ No newline at end of file