0004271: URLs that include #'s - MantisBT

ID	Project	Category	View Status	Date Submitted	Last Update
0004271	mantisbt	bugtracker	public	2004-08-04 18:34	2013-02-24 18:01

Reporter	syzop	Assigned To	dregad
Priority	normal	Severity	tweak	Reproducibility	always
Status	closed	Resolution	won't fix

Summary	0004271: URLs that include #'s
Description	[not a duplicate of 0003866, but related] It seems that if an url with # is used with a number after it, mantis is confused and removes the #. Previously it removed the whole #number part. Neither of these are what I really want, I just want a working url ;).
Additional Information	I often refer to our FAQ from the bugtracker, which has urls like http://blah.net/bla/faq.php#FIVE (where FIVE is the actual digit 5). I'm not sure how easy it is to fix it, but it should be doable I think to not treat them as bugid's since it clearly has alpha chars before it (php#number) ;p.
Tags	No tags attached.

syzop 2004-08-04 18:35 reporter ~0006644 Last edited: 2004-08-04 18:39	http://blah.net/bla/faq.php#5 <- that's php DASH FIVE edit woops.. that works indeed. I was using urls like: 0000005" rel="noopener,nofollow">http://blah.net/bla/faq/0000005 <- thats faq SLASH DASH FIVE which is causing problems. sorry for the confusion. edited on: 08-04-04 18:39

jlatour 2004-08-05 19:05 reporter ~0006669	OK, so the problem is that bug references are being expanded inside URLs.

thraxisp 2004-08-05 19:58 reporter ~0006671 Last edited: 2004-08-06 11:42	This has been reported in other fields. For exampe, HTML tags can show up in headings (ref 0004126). edited on: 08-06-04 11:42

wschneider 2008-05-05 07:19 reporter ~0017774	This problem appears with other characters too. For example &0004126. Are there any plans to escape those bug link tags or note tags other than changing the config file?

giallu 2008-05-15 12:53 reporter ~0017848	I think using # char for hotlinking bug numbers was an unfortunate choice. That said, please note that using plain numbers for anchors (like in <a name="5"> is an error according to w3c standards. see: http://www.w3.org/TR/html4/types.html#type-cdata

grangeway 2008-07-13 10:08 reporter ~0018418	So the current matching regex's are allowing hyperlinks containing foo.html#1 ( foo dot html hash 1), but not allowing a hyperlink containing /0000001 (slash hash 1)

dregad 2013-02-13 09:22 developer ~0035124	As mentioned by giallu in 0004271:0017848, id/name tags are not allowed to start with a digit and must match the pattern [A-Za-z][A-Za-z0-9:_.-]* as per html 4.01 standard [1]. In later versions of the standard, it is recommended to stick to this pattern for backwards-compatibility [2], even though technically a wider range of characters is permitted [3] Based on the above, I'm resolving this as "won't fix". For those who would want to alter MantisBT to match syzop's requirements, the regex in string_process_bug_link() function can be altered to exclude additional chars, e.g. the '/' in the example below: diff --git a/core/string_api.php b/core/string_api.php index 67b6f9e..ad1f751 100644 --- a/core/string_api.php +++ b/core/string_api.php @@ -368,7 +368,7 @@ function string_process_bug_link( $p_string, $p_include_anchor = true, $p_detail } } $p_string = preg_replace_callback( '/(^\|[^\w&])' . preg_quote( $t_tag, '/' ) . '(\d+)\b/', $string_process_bug_link_callback[$p_include_anchor][$p_detail_info][$p_fqdn], $p_string ); $p_string = preg_replace_callback( '/(^\|[^\w&\/])' . preg_quote( $t_tag, '/' ) . '(\d+)\b/', $string_process_bug_link_callback[$p_include_anchor][$p_detail_info][$p_fqdn], $p_string ); return $p_string; } [1] http://www.w3.org/TR/html4/types.html#type-id [2] http://www.w3.org/TR/html/#C_8 [3] http://www.w3.org/TR/xml/#NT-Nmtoken