stackoom
  简体   繁体   中英

filter_var() accepts invalid URL

 原文  2013-06-27 02:31:52       php/ filter-var

Question

Why does filter_var() accepts and validate this URL http://http://www.google.com ? 

$website = "http://http://www.google.com";

echo filter_var($website, FILTER_VALIDATE_URL); // This outputs the value of $website

I think this is wrong. Any solution or fixed for this?

phpinfo()

在此处输入图片说明

1 answers

solution1
 2  2013-06-27 03:00:01

Seems like you've found a bug in PHP. The PHP manual states that FILTER_VALIDATE_URL validates uris according to http://www.faqs.org/rfcs/rfc2396.html

If you read the spec, PHP obviously fails to properly validate per the guidelines. Specifically, in section 3 (URI Syntactic Components), it's defined that the scheme (http in your case) may only exist once, and precedes the only colon in the uri.

You should report this bug at https://bugs.php.net/

Good work finding it!

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question PHP filter_var URL URL filtering in php, filter_var or htmlentities Validating URL with and without protocol with filter_var filter_var for password PHP filter_var() - FILTER_VALIDATE_URL PHP regex for url validation, filter_var is too permisive filter_var in php 5.3.8 filter_var incorrect for URLs Php filter_var function Emails are not validating with filter_var
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM