Comments (9)
Lowercasing the <head>
tags (open and closed) seems to fix the parsing, which is weird because the regexp used to parse ends with a /si
flags
from php-openid.
Actually lowercasing just the first is enough.
This is with PHP 5.6.19-0+deb8u1
from php-openid.
from #PHP IRC channel on Freenode:
18:17 <@TML> strk: But an XPath would be so much easier: $dom = new DOMDocument();
$dom->loadHTML($data); $xpath = new DOMXPath($dom); $head =
$xpath->query('//head')->items(0);
from php-openid.
I restricted the input further.
This does not work:
<HTML>
<HEAD>
<link rel="openid2.provider" href="https://id.kbt.io/" />
<link rel="openid2.local_id" href="https://strk.kbt.io/openid/" />
</HEAD>
While this works:
<HTML>
<head>
<link rel="openid2.provider" href="https://id.kbt.io/" />
<link rel="openid2.local_id" href="https://strk.kbt.io/openid/" />
</HEAD>
from php-openid.
The built regexp attempting to find that head
block is this:
re:/<head\b(?!:)([^>]*?)(?:\/>|>(.*)(?:<\/?(?:head|body|html)\s*>|\Z))/si
from php-openid.
Commenting out the $match = $match[0]
line in function match
around line 218 of Auth/OpenID/Parse.php fixes this case.
from php-openid.
Sorry I was wrong, the actual fix is to always use preg_match rather than using mb_ereg_search
after stripping flags (which is what makes that regexp case-sensitive).
So, what's the rationale to prefer mb_ereg_search
over preg_match
?
from php-openid.
and the $match = $match[0]
line needs to go away when preg_match
is used...
from php-openid.
@pfefferle here you can find the testcase if you want to give it a try
from php-openid.
Related Issues (20)
- You can view the HTML library documentation in the doc/ directory? HOT 1
- Provide info about errors occurring during parsing HOT 2
- PEAR DB is deprecated
- detect.php says that An unexpected URL was returned HOT 1
- CVE-2016-2049 HOT 6
- PHP7 Support HOT 2
- Old php constructors HOT 3
- Why is new changes are not being released in new version? HOT 6
- review plugin page HOT 3
- How to integrate php-openid to piwik? HOT 1
- Auth_OpenID_ServerErrorContainer::$error_code is inaccessible HOT 1
- Default property value public $code = 0; for Auth_OpenID_ServerRespons class breaks code
- Cannot access private property Auth_OpenID_CheckIDRequest::$identity HOT 3
- my bad
- 0986220799 HOT 1
- Thái Bình
- OpenID2 return_to check fails because of nonce being applied automatically HOT 1
- Instrument version reflection from Composer HOT 1
- invalid information in readme.md file HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from php-openid.