AutoFormat.Linkify does now allow parentheses in url path I'm having an issue with AutoFormat.Linkify mangling urls that contain parentheses. My understanding is that the following url is valid: http://en.wikipedia.org/wiki/Comet_(programming) You can see on the HTMLPurifier AutoFormat live demo that the linking behavior does not capture the entire url (it only captures the url up to the opening of the parenthesis). Is this expected behavior? Is there something I can do to whitelist parens in the path of an url without sacrificing the security benefits of HTMLPurifier? Here's the live demo link: http://htmlpurifier.org/demo.php?filter%5BAutoFormat.AutoParagraph%5D=0&filter%5BAutoFormat.DisplayLinkURI%5D=0&filter%5BAutoFormat.Linkify%5D=1&filter%5BAutoFormat.RemoveEmpty%5D=0&filter%5BAutoFormat.RemoveSpansWithoutAttributes%5D=0&filter%5BNull_CSS.AllowedProperties%5D=1&filter%5BCore.CollectErrors%5D=0&filter%5BNull_HTML.Allowed%5D=1&filter%5BNull_HTML.Doctype%5D=1&filter%5BHTML.SafeObject%5D=0&filter%5BHTML.TidyLevel%5D=medium&filter%5BURI.DisableExternalResources%5D=0&filter%5BNull_URI.Munge%5D=1&html=http%3A%2F%2Fen.wikipedia.org%2Fwiki%2FComet_%28programming%29&submit=Submit&experimental=1 http://htmlpurifier.org/phorum/read.php?3,6333,6333#msg-6333 Sat, 18 May 2013 20:23:54 -0400 Phorum 5.2.18 http://htmlpurifier.org/phorum/read.php?3,6333,6377#msg-6377 Re: AutoFormat.Linkify does now allow parentheses in url path http://htmlpurifier.org/phorum/read.php?3,6333,6377#msg-6377 If you do want to tweak the code, all you have to do is fix the regex in library/HTMLPurifier/Injector/Linkify.php

]]> Ambush Commander Support Tue, 08 May 2012 11:58:52 -0400 http://htmlpurifier.org/phorum/read.php?3,6333,6376#msg-6376 Re: AutoFormat.Linkify does now allow parentheses in url path http://htmlpurifier.org/phorum/read.php?3,6333,6376#msg-6376 When I get around to figuring out a solution to this issue I'll post my solution, so as to make this page a useful resource.

]]> Lucas Meadows Support Mon, 07 May 2012 22:49:37 -0400 http://htmlpurifier.org/phorum/read.php?3,6333,6375#msg-6375 Re: AutoFormat.Linkify does now allow parentheses in url path http://htmlpurifier.org/phorum/read.php?3,6333,6375#msg-6375 That comment was profoundly unhelpful, but I suppose when you're writing 400+ posts per year you can no longer afford to spend the time necessary to provide meaningful assistance. Sweet post count though, broseph!

]]> Lucas Meadows Support Mon, 07 May 2012 22:47:26 -0400 http://htmlpurifier.org/phorum/read.php?3,6333,6334#msg-6334 Re: AutoFormat.Linkify does now allow parentheses in url path http://htmlpurifier.org/phorum/read.php?3,6333,6334#msg-6334 Yes, it's intentional, and intended to handle cases like this: (http://google.com). There's no knob to fix it but I imagine tweaking the code wouldn't be too difficult.

]]> Ambush Commander Support Mon, 30 Apr 2012 15:30:20 -0400 http://htmlpurifier.org/phorum/read.php?3,6333,6333#msg-6333 AutoFormat.Linkify does now allow parentheses in url path http://htmlpurifier.org/phorum/read.php?3,6333,6333#msg-6333 I'm having an issue with AutoFormat.Linkify mangling urls that contain parentheses.

My understanding is that the following url is valid: http://en.wikipedia.org/wiki/Comet_(programming)

You can see on the HTMLPurifier AutoFormat live demo that the linking behavior does not capture the entire url (it only captures the url up to the opening of the parenthesis).

Is this expected behavior? Is there something I can do to whitelist parens in the path of an url without sacrificing the security benefits of HTMLPurifier?

Here's the live demo link:

http://htmlpurifier.org/demo.php?filter%5BAutoFormat.AutoParagraph%5D=0&filter%5BAutoFormat.DisplayLinkURI%5D=0&filter%5BAutoFormat.Linkify%5D=1&filter%5BAutoFormat.RemoveEmpty%5D=0&filter%5BAutoFormat.RemoveSpansWithoutAttributes%5D=0&filter%5BNull_CSS.AllowedProperties%5D=1&filter%5BCore.CollectErrors%5D=0&filter%5BNull_HTML.Allowed%5D=1&filter%5BNull_HTML.Doctype%5D=1&filter%5BHTML.SafeObject%5D=0&filter%5BHTML.TidyLevel%5D=medium&filter%5BURI.DisableExternalResources%5D=0&filter%5BNull_URI.Munge%5D=1&html=http%3A%2F%2Fen.wikipedia.org%2Fwiki%2FComet_%28programming%29&submit=Submit&experimental=1

]]> Lucas Meadows Support Mon, 30 Apr 2012 15:26:49 -0400