#31649 [NEW]: urldecode does not follow ECMA standard or standard browser practice

Fri, 21 Jan 2005 13:29:46 -0800 

From:             james at gogo dot co dot nz
Operating system: All
PHP version:      4.3.10
PHP Bug Type:     URL related
Bug description:  urldecode does not follow ECMA standard or standard browser 
practice

Description:
------------
urldecode() does not understand the %uxxxx format for escaping unicode
characters above 0xFF.

This is a very old bug, originally reported as bug #15027 and declared
bogus, I believe erroneously, and here is the reasoning...

In all modern browsers (including Mozilla), JavaScript's escape() function
uses %HH for Unicode codepoints below 0x0100, but %uHHHH for codepoints
above there.

>From ECMA-262:
--------------
For characters whose Unicode encoding is 0xFF or less, a two-digit escape
sequence of the form %xx is used in accordance with RFC1738. For
characters whose Unicode encoding is greater than 0xFF, a four-digit
escape sequence of the form %uxxxx is used.
--------------

I believe this is a bug, PHP is unable to urldecode the valid escape()d
values from modern browsers when those escape()d strings contain unicode
characters greater than 0xFF.  

Declaring it not a bug because it is not in the RFCs, but rather defined
by ECMA is a poor decision.



Reproduce code:
---------------
echo urldecode('%u2013');


Expected result:
----------------
A string containing the three characters comprising the unicode character
0x2013 (En Dash) in utf-8, namely 0xE2 0x80 and 0x93.

Actual result:
--------------
The literal string "%u2013".

-- 
Edit bug report at http://bugs.php.net/?id=31649&edit=1
-- 
Try a CVS snapshot (php4):   http://bugs.php.net/fix.php?id=31649&r=trysnapshot4
Try a CVS snapshot (php5.0): 
http://bugs.php.net/fix.php?id=31649&r=trysnapshot50
Try a CVS snapshot (php5.1): 
http://bugs.php.net/fix.php?id=31649&r=trysnapshot51
Fixed in CVS:                http://bugs.php.net/fix.php?id=31649&r=fixedcvs
Fixed in release:            http://bugs.php.net/fix.php?id=31649&r=alreadyfixed
Need backtrace:              http://bugs.php.net/fix.php?id=31649&r=needtrace
Need Reproduce Script:       http://bugs.php.net/fix.php?id=31649&r=needscript
Try newer version:           http://bugs.php.net/fix.php?id=31649&r=oldversion
Not developer issue:         http://bugs.php.net/fix.php?id=31649&r=support
Expected behavior:           http://bugs.php.net/fix.php?id=31649&r=notwrong
Not enough info:             
http://bugs.php.net/fix.php?id=31649&r=notenoughinfo
Submitted twice:             
http://bugs.php.net/fix.php?id=31649&r=submittedtwice
register_globals:            http://bugs.php.net/fix.php?id=31649&r=globals
PHP 3 support discontinued:  http://bugs.php.net/fix.php?id=31649&r=php3
Daylight Savings:            http://bugs.php.net/fix.php?id=31649&r=dst
IIS Stability:               http://bugs.php.net/fix.php?id=31649&r=isapi
Install GNU Sed:             http://bugs.php.net/fix.php?id=31649&r=gnused
Floating point limitations:  http://bugs.php.net/fix.php?id=31649&r=float
No Zend Extensions:          http://bugs.php.net/fix.php?id=31649&r=nozend
MySQL Configuration Error:   http://bugs.php.net/fix.php?id=31649&r=mysqlcfg

Reply via email to