<?php
$urls = [
'http://evil.com?example.org/foo/bar',
'http://evil.com?example.org/foo/bar?baz#quux',
'http://evil.com?example.org?baz#quux',
'http://evil.com?example.org#quux',
];
foreach ( $urls as $url ) {
$bits = parse_url( $url );
if ( isset( $bits['host'] ) && strpos( $bits['host'], '?' ) !== false ) {
list( $host, $query ) = explode( '?', $bits['host'], 2 );
$bits['host'] = $host;
$bits['query'] = $query
. ( isset( $bits['path'] ) ? $bits['path'] : '' )
. ( isset( $bits['query'] ) ? '?' . $bits['query'] : '' );
unset( $bits['path'] );
}
var_dump( $bits );
}
- Output for 5.4.0 - 5.4.45, 5.5.0 - 5.5.38, 5.6.0 - 5.6.40, 7.0.0 - 7.0.33, 7.1.0 - 7.1.33, 7.2.0 - 7.2.33, 7.3.0 - 7.3.33, 7.4.0 - 7.4.33, 8.0.0 - 8.0.30, 8.1.0 - 8.1.28, 8.2.0 - 8.2.18, 8.3.0 - 8.3.4, 8.3.6
- array(3) {
["scheme"]=>
string(4) "http"
["host"]=>
string(8) "evil.com"
["query"]=>
string(19) "example.org/foo/bar"
}
array(4) {
["scheme"]=>
string(4) "http"
["host"]=>
string(8) "evil.com"
["query"]=>
string(23) "example.org/foo/bar?baz"
["fragment"]=>
string(4) "quux"
}
array(4) {
["scheme"]=>
string(4) "http"
["host"]=>
string(8) "evil.com"
["query"]=>
string(15) "example.org?baz"
["fragment"]=>
string(4) "quux"
}
array(4) {
["scheme"]=>
string(4) "http"
["host"]=>
string(8) "evil.com"
["query"]=>
string(11) "example.org"
["fragment"]=>
string(4) "quux"
}
- Output for 8.3.5
- Warning: PHP Startup: Unable to load dynamic library 'sodium.so' (tried: /usr/lib/php/8.3.5/modules/sodium.so (libsodium.so.23: cannot open shared object file: No such file or directory), /usr/lib/php/8.3.5/modules/sodium.so.so (/usr/lib/php/8.3.5/modules/sodium.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0
array(3) {
["scheme"]=>
string(4) "http"
["host"]=>
string(8) "evil.com"
["query"]=>
string(19) "example.org/foo/bar"
}
array(4) {
["scheme"]=>
string(4) "http"
["host"]=>
string(8) "evil.com"
["query"]=>
string(23) "example.org/foo/bar?baz"
["fragment"]=>
string(4) "quux"
}
array(4) {
["scheme"]=>
string(4) "http"
["host"]=>
string(8) "evil.com"
["query"]=>
string(15) "example.org?baz"
["fragment"]=>
string(4) "quux"
}
array(4) {
["scheme"]=>
string(4) "http"
["host"]=>
string(8) "evil.com"
["query"]=>
string(11) "example.org"
["fragment"]=>
string(4) "quux"
}
- Output for 4.4.2 - 4.4.9, 5.1.0 - 5.1.6, 5.2.0 - 5.2.17, 5.3.0 - 5.3.29
- Parse error: syntax error, unexpected '[' in /in/9SFUa on line 3
Process exited with code 255. - Output for 4.3.0 - 4.3.1, 4.3.5 - 4.3.11, 4.4.0 - 4.4.1, 5.0.0 - 5.0.5
- Parse error: parse error, unexpected '[' in /in/9SFUa on line 3
Process exited with code 255. - Output for 4.3.2 - 4.3.4
- Parse error: parse error in /in/9SFUa on line 3
Process exited with code 255.
preferences:
363.32 ms | 401 KiB | 452 Q