Closed gijsstegehuis closed 7 months ago
Are you sure this isn't some kind of an issue with your Postgres db setup? I'm unable to reproduce this with Retour connected to a Postgres db
The Postgres db server_encoding is set to UTF8, so i can't imagine it is. I was able to reproduce this locally by using the postgres 14 docker image
So initially, I thought this was a lack of sanitization on the data being saved to the statistics, but that's already in place:
https://github.com/nystudio107/craft-retour/blob/develop-v4/src/helpers/Text.php#L85
Any of the user-provided strings are run through this method to clean up the text as a process of the model validation already.
What's actually happening is it's using the user-provided string (improperly encoded in your case) as a query parameter when looking up redirects, and probably statistics as well.
So what we'll do is ensure any of the parameters passed in to the various queries are also similarly sanitized to guard against this happening.
Fixed in the above commits.
Craft CMS 3:
You can try it now by setting your semver in your composer.json
to look like this:
"nystudio107/craft-retour": "dev-develop as 3.2.14”,
Then do a composer clear-cache && composer update
…..
Craft CMS 4:
You can try it now by setting your semver in your composer.json
to look like this:
"nystudio107/craft-retour": "dev-develop-v4 as 4.1.16”,
Then do a composer clear-cache && composer update
…..
Craft CMS 5:
You can try it now by setting your semver in your composer.json
to look like this:
"nystudio107/craft-seomatic": "dev-develop-v5 as 5.0.0-beta.5”,
Then do a composer clear-cache && composer update
Tested. Works 👍🏼 Good work Andrew!
Describe the bug
When the url path contains invalid characters it will throw an PDOException.
To reproduce
Steps to reproduce the behaviour: Visit a path like:
about/foo%EBbar
without having a redirect in place.Expected behaviour
A regular 404 page.
Screenshots
If applicable, add screenshots to help explain your problem.
Versions
Stack trace