modxcms / revolution

MODX Revolution - Content Management Framework
https://modx.com/
GNU General Public License v2.0

Resource Alias can have invalid characters in it #16632

Closed vrdriver closed 2 weeks ago

vrdriver commented 2 weeks ago

Bug report

Summary

I discovered by accident that the Resource Alias can be automatically populated with invalid characters when creating and saving a new 'page' resource.

Steps to reproduce

How to reproduce the issue, including custom code if needed.

I made a new resource/page with a snippet in it and called the page "FILE:/// to Windows Explorer raw Path"

My Resource Alias then appeared as "file///-to-windows-explorer-raw-path" which is an invalid URL.

Expected behavior

This should have at least removed the slashes and had the output as "file-to-windows-explorer-raw-path" or similar.

Environment

MODX Revolution 2.8.7-pl (traditional)
Version codename: Revolution
Server Time: 11:22:31 AM
Local Time: 11:22:31 AM
Server Offset: 0
ExtJS Version: 3.4.1
Smarty Version: 3.1.48
PHPMailer Version: 6.5.1
MagpieRSS Version: 0.72
Database type: mysql
Database version: 10.5.26-MariaDB-cll-lve
Database charset: utf8
Database name: stephe19_btmedia
Database server: localhost
Table prefix: BTMmodx
PDO support: enabled
PDO drivers: mysql, odbc, pgsql, sqlite
PDO Driver for MySQL: enabled
Client API version: mysqlnd 7.4.33

halftrainedharry commented 2 weeks ago

There are system settings that control the way an alias is created from the pagetitle. Take a look at the settings in the area = "Friendly URL" (especially friendly_alias_restrict_chars_pattern and friendly_alias_restrict_chars).

vrdriver commented 2 weeks ago

Thanks Harry. I've just got the default options on, which I would have thought would have prevented weird stuff like this out of the box. I'll just change it to legal instead. Cheers.

https://docs.modx.com/current/en/building-sites/settings/friendly_alias_restrict_chars_pattern

https://docs.modx.com/3.x/en/building-sites/settings/friendly_alias_restrict_chars

vrdriver commented 2 weeks ago

As it's not a bug, and more of a UX, I'll close it.
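
The behaviour discussed in this thread comes down to whether an alias is built by stripping a list of known-bad characters or by keeping only known-good ones. The following is an added example, not part of the thread and not MODX code: the function names and both patterns are assumptions, and the denylist is a constructed one, not MODX's default setting value.

```php
<?php
// Added illustration: not MODX source. Function names and both patterns
// are assumptions made for this example.

// Constructed denylist: strips only the characters it names. ':' is listed,
// '/' is not, so slashes survive into the alias.
const DENY_PATTERN = '/[&=+%#<>"~:@?\[\]{}|^]/';

function alias_denylist(string $title): string
{
    $alias = preg_replace(DENY_PATTERN, '', strtolower(trim($title)));
    return preg_replace('/\s+/', '-', $alias);
}

// Allowlist: every run of characters outside a-z0-9 collapses to one '-',
// so anything not explicitly permitted can never reach the URL path.
// Limitation: non-ASCII letters are dropped too; transliterate first if needed.
function alias_allowlist(string $title): string
{
    $alias = preg_replace('/[^a-z0-9]+/', '-', strtolower(trim($title)));
    return trim($alias, '-');
}

// Audit check for aliases that are already stored. An empty alias fails.
function is_safe_alias(string $alias): bool
{
    return preg_match('/\A[a-z0-9]+(?:-[a-z0-9]+)*\z/', $alias) === 1;
}

// Constructed sample titles; the first is the one from the report.
$titles = [
    'FILE:/// to Windows Explorer raw Path',
    'Q&A / Support: "How to"',
    'What is 50% off?',
    '???', // edge case: nothing usable remains, caller must supply a fallback
];

foreach ($titles as $title) {
    foreach (['alias_denylist', 'alias_allowlist'] as $fn) {
        $alias = $fn($title);
        $safe = is_safe_alias($alias) ? 'yes' : 'no';
        printf("%-16s %-40s safe=%s\n", $fn, "'" . $alias . "'", $safe);
    }
}
```

Running `is_safe_alias()` over existing aliases is a quick way to find resources that were saved before the setting was tightened.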