Status/Resolution/Reason: Closed/Fixed/
Reporter/Name(from Bugbase): Aaron Neff / Aaron Neff (Aaron Neff)
Created: 01/21/2015
Components: Language
Versions: 11.0
Failure Type:
Found In Build/Fixed In Build: CF11_Final /
Priority/Frequency: Major / Some users will encounter
Locale/System: ALL / Platforms All
Vote Count: 0
! ( ) and * are valid in a URL's path and query string, but isValid("url") says they aren't
% is valid in a URL's path and query string only if it preceeds 2 hexadecimal digits, but isValid("url") doesn't perform this check
http://[::1] is valid as a URL's host, but isValid("url") says it isn't
Repro:
<cfscript>
//actual result: NO NO NO NO YES
//expected result: YES YES YES YES NO
for(char in "!,(,),*,%") {
writeOutput(isValid("url", 'http://localhost/' & char) & ' ');
}
//actual result: NO
//expected result: YES
writeOutput(isValid("url", "http://[::1]"));
</cfscript>
Example live URL containing ( and ): https://msdn.microsoft.com/en-us/library/aa752574(VS.85).aspx
Example live URL containing *: http://web.archive.org/web/*/http://www.wikipedia.org/
Didn't find a live example URL containing !, but repro is simple b/c ! is allowed in folder names
Related URL: http://www.ietf.org/rfc/rfc3986.txt
Related URL: http://tools.ietf.org/html/rfc2616#section-3.2
..or perhaps confirm w/ Roy Fielding there at Adobe
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 3924581
External Customer Info:
External Company:
External Customer Name: Aaron
External Customer Email:
Attachments:
Comments: