What is the purpose of replacing the% 20 space before executing PHP rawurlencode ()?
This is a pretty silly question, sorry. There is a large and quite complex system that has a bug and I was able to trace it back to this part.
return str_replace('%2F', '/', rawurlencode(str_replace('%20', ' ', $key)));
There is a comment explaining why the slashes are replaced - to preserve the path structure, for example. encoded1 / encoded2 / etc .. However, there is no explanation why% 20 is replaced with space, and this part is the direct cause of the error. I'm tempted to just delete str_replace (), but it looks like it fit in there for some reason, and I get the feeling that I'll break something else by doing this. Has anyone come across something similar? Perhaps this is a dirty fix for some PHP bug? Any guesses and ideas are greatly appreciated!
source to share
This will result in the %20
(encoded space) not being encoded before %2F20
. However, it only serves to prevent double shielding spaces; other special characters will still be double-encoded.
This is a sign of bad code; strings that are passed to this function must not have rights to encoded characters.
I would recommend creating unit tests that cover all of the referenced code, and then refactoring that function to remove str_replace()
to make sure it doesn't break tests.
source to share
The first thing that comes to mind is a method to prevent double encoding.
Not that I would recommend doing such a thing this way, as it would quickly become useless (and already wondering why only this entity, perhaps "they" have never encountered problems with others ... yet) ...
source to share