Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 Help Groups for Snitz Forums 2000 Users
 Help: General / Classic ASP versions(v3.4.XX)
 ";" character in URL using forum code doesn't work
 New Topic  Topic Locked
 Printer Friendly
Author Previous Topic Topic Next Topic  

samyot
Junior Member

Canada
242 Posts

Posted - 18 September 2002 :  10:09:43  Show Profile  Visit samyot's Homepage  Send samyot a Yahoo! Message
Hi,

I noticed that if I have a ";" in a URL using this format:
#91;url="http://support.microsoft.com/default.aspx?scid=kb;en-us;Q87239"]Example[/url]
And I click the link, in my browser address bar I see:
http://support.microsoft.com/default.aspx?scid=kb%20en-us%20Q87239
Which is not valid.

If I post the link without using the URL code, it is fine.

I am using IE6, is this a browser problem or a code problem?

Sylvain Amyot
Forum | Home

MY OTHER SITES:
http://www.mypcsecurity.ca
http://www.mynature.ca
http://www.myworkshop.ca
http://www.toptechsites.com
http://www.topsportsites.com
http://www.mysportsforums.net

Nikkol
Forum Moderator

USA
6907 Posts

Posted - 18 September 2002 :  10:33:02  Show Profile
I believe it's the code. It's done for security reasons by eliminating certain potentially dangerous characters from urls.

Nikkol ~ Help Us Help You | ReadMe | 3.4.03 fixes | security fixes ~
Go to Top of Page

samyot
Junior Member

Canada
242 Posts

Posted - 18 September 2002 :  10:49:21  Show Profile  Visit samyot's Homepage  Send samyot a Yahoo! Message
Hi,

Thanks for your reply. If it's in the code, then why does posting a URL without using the forum code tags work?

Sylvain Amyot
Forum | Home

MY OTHER SITES:
http://www.mypcsecurity.ca
http://www.mynature.ca
http://www.myworkshop.ca
http://www.toptechsites.com
http://www.topsportsites.com
http://www.mysportsforums.net
Go to Top of Page

ajhvdb
Junior Member

Netherlands
392 Posts

Posted - 18 September 2002 :  10:50:06  Show Profile
quote:
Originally posted by Nikkol

I believe it's the code. It's done for security reasons by eliminating certain potentially dangerous characters from urls.



It's strange, because without [*url] it works:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q87239

and between [*url] it doesn't:
http://support.microsoft.com/default.aspx?scid=kb en-us Q87239
Go to Top of Page

RichardKinser
Snitz Forums Admin

USA
16655 Posts

Posted - 18 September 2002 :  12:05:08  Show Profile
when you use [url] [/url] tags, the code between those tags is processed by the ReplaceURLs function. when a URL is posted that is not in between those tags, it is processed by edit_hrefs javascript function.
Go to Top of Page

samyot
Junior Member

Canada
242 Posts

Posted - 18 September 2002 :  12:56:24  Show Profile  Visit samyot's Homepage  Send samyot a Yahoo! Message
Thank you!

I found and commented out the filter on ";" in the ReplaceURLs function.

Since my Forums are computer support forums, I have many posts referring to support.microsoft.com which all have a ";" in the URL which I needed to work.

Is there a big security risk in removing the filter on ";" ? (Don't answer if this could be exploited)

Sylvain Amyot
Forum | Home

MY OTHER SITES:
http://www.mypcsecurity.ca
http://www.mynature.ca
http://www.myworkshop.ca
http://www.toptechsites.com
http://www.topsportsites.com
http://www.mysportsforums.net

Edited by - samyot on 18 September 2002 12:59:02
Go to Top of Page

RichardKinser
Snitz Forums Admin

USA
16655 Posts

Posted - 18 September 2002 :  13:59:32  Show Profile
We just filtered everything that could potentially cause a security risk. Whether it actually does, I'm not sure. Hackers are very resourceful individuals. They seem to be able to exploit things that otherwise wouldn't seem to be exploitable.
Go to Top of Page

samyot
Junior Member

Canada
242 Posts

Posted - 18 September 2002 :  14:06:28  Show Profile  Visit samyot's Homepage  Send samyot a Yahoo! Message
Thank you!

Sylvain Amyot
Forum | Home

MY OTHER SITES:
http://www.mypcsecurity.ca
http://www.mynature.ca
http://www.myworkshop.ca
http://www.toptechsites.com
http://www.topsportsites.com
http://www.mysportsforums.net

Edited by - samyot on 18 September 2002 14:17:26
Go to Top of Page

RichardKinser
Snitz Forums Admin

USA
16655 Posts

Posted - 18 September 2002 :  15:04:27  Show Profile
you are welcome
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.48 seconds. Powered By: Snitz Forums 2000 Version 3.4.07