If I use a redirect in action with non-Latin characters, then get the error: "Input evaluation generated an invalid URI".

For example, I want to go to the outside at: http://othersite.com?rel=нелатинскиебуквы

Can somehow solve this problem?

CommentFileSizeAuthor
#18 1726858-18-test-plus-fix.patch3.11 KBTR
#18 1726858-18-test-only.patch1.96 KBTR
#16 1726858-6-debug.patch2.9 KBTR
#15 1726858-6-debug.patch2.89 KBTR
#13 1726858-6-debug.patch2.8 KBTR
#11 1726858-6-debug.patch2.8 KBTR
#9 1726858-6-debug.patch2.69 KBTR
#8 1726858-6-debug.patch2.69 KBTR
#6 1726858-6.patch2.58 KBTR
#3 1726858-3.patch2.58 KBTR
#3 1726858-3-test-only.patch1.42 KBTR
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

ibraaheem’s picture

ibraaheem CreditAttribution: ibraaheem commented
Issue summary: View changes

read about url encoding and use the corresponding letters/symbols.

TR’s picture

TR CreditAttribution: TR commented
Version: 7.x-2.2 » 7.x-2.x-dev
Category: Feature request » Bug report
Priority: Normal » Minor

I can confirm that http://example.com/?rel=нелатинскиебуквы results in an "Input evaluation generated an invalid URI" error when used in a redirect URL. This should NOT happen.

I can also confirm that using the URL-encoded version http://example.com/?rel=%D0%BD%D0%B5%D0%BB%D0%B0%D1%82%D0%B8%D0%BD%D1%81%D0%BA%D0%B8%D0%B5%D0%B1%D1%83%D0%BA%D0%B2%D1%8B works properly. But we should not have to do that!

Changing this to a bug report for the current version of Rules. "Minor" because there is a simple work-around.

TR’s picture

TR CreditAttribution: TR commented
Status: Active » Needs review
FileSize
1726858-3-test-only.patch1.42 KB
1726858-3.patch2.58 KB

This only happens if the URL is absolute/external. A relative URL of ?rel=нелатинскиебуквы works just fine.

The cause of this bug is the core Drupal function valid_url(), which Rules uses to check the validity of the entered redirect URL. The valid_url() function is well-known to do the wrong thing in many cases. Dealing with Cyrillic is one of those known cases that valid_url() can't handle well.

So I think the solution here is to rawurlencode() the URL before checking it with valid_url(). That seems to work.

Attached are two patches:

  1. The first is a test-only patch that just contains new tests which test the redirect action with non-latin characters. This should FAIL, which demonstrates that this is a real bug.
  2. The second is a patch which fixes the problem AND contains the new tests. This should PASS, which demonstrates that the fix works.

Status: Needs review » Needs work

The last submitted patch, 3: 1726858-3.patch, failed testing. View results

TR’s picture

TR CreditAttribution: TR commented
Status: Needs work » Needs review

Hmm, that was not as expected. It works properly when I test it on my local machine. I suspect there's something special about using absolute URLs in the testbot. Investigating ...

TR’s picture

TR CreditAttribution: TR commented
FileSize
1726858-6.patch2.58 KB

Re-rolled against current HEAD.

Status: Needs review » Needs work

The last submitted patch, 6: 1726858-6.patch, failed testing. View results
- codesniffer_fixes.patch Interdiff of automated coding standards fixes only.

TR’s picture

TR CreditAttribution: TR commented
Status: Needs work » Needs review
FileSize
1726858-6-debug.patch2.69 KB

Same error as last year with the same patch, but it still works on my local dev environment (which is different than it was last year). DrupalCI doesn't provide any meaningful artifacts for D7 tests. So here's a new version of patch #6 with a few debugging statements added - hopefully that will shed some light on what is happening in the testbot.

TR’s picture

TR CreditAttribution: TR commented
FileSize
1726858-6-debug.patch2.69 KB

Status: Needs review » Needs work

The last submitted patch, 9: 1726858-6-debug.patch, failed testing. View results
- codesniffer_fixes.patch Interdiff of automated coding standards fixes only.

TR’s picture

TR CreditAttribution: TR commented
Status: Needs work » Needs review
FileSize
1726858-6-debug.patch2.8 KB

One more print statement.
It seems that on the testbot, clean URLs are not enabled. And what is happening is that DrupalWebTestCase::getUrl() is returning a differently formatted string that the built-in Drupal function url() for this test case. Reading the documentation, I suspect that getUrl() is wrong here, but this print statement should let me determine that for sure. Then I can work-around the core bug.

Status: Needs review » Needs work

The last submitted patch, 11: 1726858-6-debug.patch, failed testing. View results
- codesniffer_fixes.patch Interdiff of automated coding standards fixes only.

TR’s picture

TR CreditAttribution: TR commented
Status: Needs work » Needs review
FileSize
1726858-6-debug.patch2.8 KB

Status: Needs review » Needs work

The last submitted patch, 13: 1726858-6-debug.patch, failed testing. View results
- codesniffer_fixes.patch Interdiff of automated coding standards fixes only.

TR’s picture

TR CreditAttribution: TR commented
Status: Needs work » Needs review
FileSize
1726858-6-debug.patch2.89 KB
TR’s picture

TR CreditAttribution: TR commented
FileSize
1726858-6-debug.patch2.9 KB

Remind me to stop hand-editing patches ...

Status: Needs review » Needs work

The last submitted patch, 16: 1726858-6-debug.patch, failed testing. View results
- codesniffer_fixes.patch Interdiff of automated coding standards fixes only.

TR’s picture

TR CreditAttribution: TR commented
FileSize
1726858-18-test-only.patch1.96 KB
1726858-18-test-plus-fix.patch3.11 KB
TR’s picture

TR CreditAttribution: TR commented
Status: Needs work » Needs review