diff options
author | Andrey Andreev <narf@devilix.net> | 2016-07-25 09:30:04 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-07-25 09:30:04 +0200 |
commit | 121aea89e2eb6a4d48de83d2618b263b5c87dd75 (patch) | |
tree | e09d2f5f407cd7dd835b76dd7957ba773d91d1b0 | |
parent | a270d6853aff2f8ea7ef2d5d78329dd458e5ad36 (diff) | |
parent | 5afba5a8c444d608712174665288aa10237e8b27 (diff) |
Merge pull request #4725 from tianhe1986/develop_url_encode_case_insensitive
Fix remove_invisible_characters() for URL-encoded characters in upper case
-rw-r--r-- | system/core/Common.php | 4 | ||||
-rw-r--r-- | tests/codeigniter/core/Common_test.php | 12 |
2 files changed, 14 insertions, 2 deletions
diff --git a/system/core/Common.php b/system/core/Common.php index 85e18e406..d66649f59 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -716,8 +716,8 @@ if ( ! function_exists('remove_invisible_characters')) // carriage return (dec 13) and horizontal tab (dec 09) if ($url_encoded) { - $non_displayables[] = '/%0[0-8bcef]/'; // url encoded 00-08, 11, 12, 14, 15 - $non_displayables[] = '/%1[0-9a-f]/'; // url encoded 16-31 + $non_displayables[] = '/%0[0-8bcef]/i'; // url encoded 00-08, 11, 12, 14, 15 + $non_displayables[] = '/%1[0-9a-f]/i'; // url encoded 16-31 } $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127 diff --git a/tests/codeigniter/core/Common_test.php b/tests/codeigniter/core/Common_test.php index 81a185eaf..ca19e5de0 100644 --- a/tests/codeigniter/core/Common_test.php +++ b/tests/codeigniter/core/Common_test.php @@ -54,4 +54,16 @@ class Common_test extends CI_TestCase { ); } + // ------------------------------------------------------------------------ + + public function test_remove_invisible_characters() + { + $raw_string = 'Here is a string containing invisible'.chr(0x08).' text %0e.'; + $removed_string = 'Here is a string containing invisible text %0e.'; + $this->assertEquals($removed_string, remove_invisible_characters($raw_string, FALSE)); + + $raw_string = 'Here is a string %0econtaining url_encoded invisible%1F text.'; + $removed_string = 'Here is a string containing url_encoded invisible text.'; + $this->assertEquals($removed_string, remove_invisible_characters($raw_string)); + } }
\ No newline at end of file |