 Disallowed characters in URI |
(05-29-2024, 06:18 PM)kenjis Wrote: Read https://codeigniter.com/user_guide/gener...characters That was the first thing I did. According to that, there are two options. Option 1. I can turn off the whole check by setting it to '' which is not safe for the whole project. Option 2. I can add all the characters one can type on the keyboard, which is the same thing as option 1. basically. There should be a middle ground, where it is possible to disable this for some controllers/methods. It worked before 4.4.7. Or there was no filtering before that? Or there was this bug for years? CodeIgniter 3 hasĀ permitted_uri_chars too, which is the same thing, so I assume there was filtering before 4.4.7 and it was not a bug that it worked. How am I supposed to know all the most common possible characters? For example, I switch between Chinese, Japanese, Korean keyboard layouts all the time. Sometimes I type something, press enter and realize, I did not switch. And these are just the CJK characters. If someone types a wrong character into a search field, not maliciously, the whole site will crash -> Whoops! page. That is a joke to me. There should be a way to handle this properly. As I said before. In my opinion the url should not beĀ decoded before the checkDisallowedChars. |
| Messages In This Thread |
|
Disallowed characters in URI - by loxia - 05-20-2024, 02:04 PM
RE: Disallowed characters in URI - by loxia - 05-29-2024, 04:38 PM
RE: Disallowed characters in URI - by kenjis - 05-29-2024, 06:18 PM
RE: Disallowed characters in URI - by loxia - 05-29-2024, 07:59 PM
RE: Disallowed characters in URI - by kenjis - 05-29-2024, 09:09 PM
RE: Disallowed characters in URI - by kenjis - 05-29-2024, 09:15 PM
RE: Disallowed characters in URI - by kenjis - 05-29-2024, 08:51 PM
RE: Disallowed characters in URI - by kenjis - 05-29-2024, 09:18 PM
RE: Disallowed characters in URI - by loxia - 05-30-2024, 04:42 AM
|
