mediawiki don't allow "%ab" as page name, but allow "%ft" or "%a"

Bug #577822 reported by cosechy on 2010-05-09
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
MediaWiki
Invalid
Wishlist
mediawiki (Debian)
Confirmed
Undecided
Unassigned
mediawiki (Ubuntu)
Low
Unassigned

Bug Description

Binary package hint: mediawiki

mediawiki blocked %[a-f][a-f] only, that's confusing

if these names will lead to problems, you'd better block "%" entirely for better understanding.
and i don't know what are the problems. it doesn't appears to be any problems since all links to the name "%ft%rs" works well. if there are, those should be bugs.

if these names will not lead to problems, why should you have such a limit? remove it.

Which version of ubuntu/mediawiki is this in?

Changed in mediawiki (Ubuntu):
status: New → Incomplete
Thorsten Glaser (mirabilos) wrote :

I can confirm this for 1.15.4-1 on Debian.

I suggest you move this upstream; I think disallowing a percent sign in
the page name is reasonable myself.

Changed in mediawiki (Debian):
status: New → Confirmed

Forwarded bug from Ubuntu.

-----

Binary package hint: mediawiki

mediawiki blocked %[a-f][a-f] only, that's confusing

if these names will lead to problems, you'd better block "%" entirely for better understanding.
and i don't know what are the problems. it doesn't appears to be any problems since all links to the name "%ft%rs" works well. if there are, those should be bugs.

if these names will not lead to problems, why should you have such a limit? remove it.

Changed in mediawiki (Ubuntu):
status: Incomplete → Confirmed

http://www.mediawiki.org/wiki/%ab - works, though because it's not valid UTF-8 it gets converted to « according to content language's fallback encoding.

http://www.mediawiki.org/wiki/%ft - "Bad Request" by Apache
http://www.mediawiki.org/w/index.php?title=%ft - works, though because %ft is not a valid URL-encoded sequence, it gets eventually converted to %25ft

same thing with %a

I see no problem with MediaWiki, just Apache/rewrite rules.

This is the correct behavior, since we only block "%[0-9A-Fa-f]{2}" to not conflict with URL escaping sequences (includes/Title.php line 2420 in trunk).

So to clarify, this behaviour is by design? Is it likely to be left like that or changed in future?

Changed in mediawiki (Ubuntu):
importance: Undecided → Low
Jonathan Wiltshire (jwiltshire) wrote :

According to upstream, this is a deliberate limitation:

"This is the correct behavior, since we only block "%[0-9A-Fa-f]{2}" to not conflict with URL escaping sequences (includes/Title.php line 2420 in trunk)."

Changed in mediawiki (Ubuntu):
status: Confirmed → Won't Fix

This behaviour is by design indeed.

Changed in mediawiki:
importance: Unknown → Wishlist
status: Unknown → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.