When purifying HTML containing an anchor tag containing only the fragment component, an E_DEPRECATED error is emitted from the host blacklist if it's configured. Depending on the application config, this may get upgraded to an ErrorException and cause a crash, but that's not relevant to the underlying issue.
HTMLPurifier version: v4.14.0 (found on an earlier version but updated to latest release to be sure)
Uncaught exception: ErrorException: strpos(): Passing null to parameter #1 ($haystack) of type string is deprecated in /var/www/html/vendor/ezyang/htmlpurifier/library/HTMLPurifier/URIFilter/HostBlacklist.php:38
When purifying HTML containing an anchor tag containing only the fragment component, an
E_DEPRECATED
error is emitted from the host blacklist if it's configured. Depending on the application config, this may get upgraded to an ErrorException and cause a crash, but that's not relevant to the underlying issue.HTMLPurifier version:
v4.14.0
(found on an earlier version but updated to latest release to be sure)Simple reproduce case:
Possible fix: cast
$uri->host
to string on the mentioned line.Update - related to #310 I think.