Closed levvsha closed 3 years ago
Feel free to open a PR. As long as ctrl characters are successfully removed to prevent javascript urls from being allowed, it should be fine.
~@crookedneighbor I have a fix ready for this but can't push a branch. Can you give me permission? Thank you~
Nevermind permissions, I figured out how to open a PR form a fork.
PR is ready
This is fixed (thanks to @akirchmyer) and released in v5.0.1
I faced with a problem, that sanitize-url replaces Cyrillic characters. So it is impossible to sanitize Cyrillic domains (like https://лот.рф) or urls with Cyrillic characters in search params (like https://yandex.ru/search/?text=шишки).
Check this example in runkit.
Is this behaviour intentional or maybe I can open a PR to fix it?