Welcome! » Log In » Create A New Profile

AutoFormat.Linkify does now allow parentheses in url path

Posted by Lucas Meadows 
Forum List Message List New Topic
Lucas Meadows
AutoFormat.Linkify does now allow parentheses in url path
April 30, 2012 03:26PM

I'm having an issue with AutoFormat.Linkify mangling urls that contain parentheses.

My understanding is that the following url is valid: http://en.wikipedia.org/wiki/Comet_(programming)

You can see on the HTMLPurifier AutoFormat live demo that the linking behavior does not capture the entire url (it only captures the url up to the opening of the parenthesis).

Is this expected behavior? Is there something I can do to whitelist parens in the path of an url without sacrificing the security benefits of HTMLPurifier?

Here's the live demo link:

http://htmlpurifier.org/demo.php?filter%5BAutoFormat.AutoParagraph%5D=0&filter%5BAutoFormat.DisplayLinkURI%5D=0&filter%5BAutoFormat.Linkify%5D=1&filter%5BAutoFormat.RemoveEmpty%5D=0&filter%5BAutoFormat.RemoveSpansWithoutAttributes%5D=0&filter%5BNull_CSS.AllowedProperties%5D=1&filter%5BCore.CollectErrors%5D=0&filter%5BNull_HTML.Allowed%5D=1&filter%5BNull_HTML.Doctype%5D=1&filter%5BHTML.SafeObject%5D=0&filter%5BHTML.TidyLevel%5D=medium&filter%5BURI.DisableExternalResources%5D=0&filter%5BNull_URI.Munge%5D=1&html=http%3A%2F%2Fen.wikipedia.org%2Fwiki%2FComet_%28programming%29&submit=Submit&experimental=1

Reply Quote
Ambush Commander
Re: AutoFormat.Linkify does now allow parentheses in url path
April 30, 2012 03:30PM

Yes, it's intentional, and intended to handle cases like this: (http://google.com). There's no knob to fix it but I imagine tweaking the code wouldn't be too difficult.

Reply Quote
Lucas Meadows
Re: AutoFormat.Linkify does now allow parentheses in url path
May 07, 2012 10:47PM

That comment was profoundly unhelpful, but I suppose when you're writing 400+ posts per year you can no longer afford to spend the time necessary to provide meaningful assistance. Sweet post count though, broseph!

Reply Quote
Lucas Meadows
Re: AutoFormat.Linkify does now allow parentheses in url path
May 07, 2012 10:49PM

When I get around to figuring out a solution to this issue I'll post my solution, so as to make this page a useful resource.

Reply Quote
Ambush Commander
Re: AutoFormat.Linkify does now allow parentheses in url path
May 08, 2012 11:58AM

If you do want to tweak the code, all you have to do is fix the regex in library/HTMLPurifier/Injector/Linkify.php

Reply Quote
Newer Topic Older Topic
Author:
Your Email:

Subject:

HTML input is enabled. Make sure you escape all HTML and angled brackets with < and >.

Auto-paragraphing is enabled. Double newlines will be converted to paragraphs; for single newlines, use the pre tag.

Allowed tags: a, abbr, acronym, b, blockquote, caption, cite, code, dd, del, dfn, div, dl, dt, em, i, ins, kbd, li, ol, p, pre, s, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, var.

For inputting literal code such as HTML and PHP for display, use CDATA tags to auto-escape your angled brackets, and pre to preserve newlines: 

<pre><![CDATA[
Place code here
]]></pre>

Power users, you can hide this notice with: 

.htmlpurifier-help {display:none;}

Message: