Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:77327
Return-Path: <tjerk.meesters@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 42124 invoked from network); 19 Sep 2014 05:39:12 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 19 Sep 2014 05:39:12 -0000
Authentication-Results: pb1.pair.com header.from=tjerk.meesters@gmail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=tjerk.meesters@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 74.125.82.174 as permitted sender)
X-PHP-List-Original-Sender: tjerk.meesters@gmail.com
X-Host-Fingerprint: 74.125.82.174 mail-we0-f174.google.com  
Received: from [74.125.82.174] ([74.125.82.174:46198] helo=mail-we0-f174.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 21/60-39979-E71CB145 for <internals@lists.php.net>; Fri, 19 Sep 2014 01:39:11 -0400
Received: by mail-we0-f174.google.com with SMTP id x48so1950954wes.33
        for <internals@lists.php.net>; Thu, 18 Sep 2014 22:39:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :cc:content-type;
        bh=7MypS6309DeFuCxKJEpyGLut0IR5L1QoVNUhXaSZS/A=;
        b=JtEPDD8sQzt0c7i658QWXMVHKSNkGPMvT/M/uJerM7rfuQ8WX7Qz9n8fxnd6BFwOJp
         E0xFJMzsctLpR9SaetgrjwU2UufGzNGUFFC5inI2TVlM/USx6Zy0M8VYcJkZOmS8qRId
         /VTaZvwYkSUuKf4WG+ovYRC1BhYn++SsiMJnYuOMNaHUtlAh6FVqIuakWaTQxzehyK7a
         jW5pRqP0agEdm3o11K3dQl69DMagY3JEB8KEDQH7DRH1rpjOsu9p0s3+0EnlET8PFVfa
         f+Kf/YjYy8gU6hRXSjfqOycZez6eYOmblBmzGuo0ruifVNrSJBpMWyK3ixHMJ9x5x3bB
         5sTw==
MIME-Version: 1.0
X-Received: by 10.194.243.230 with SMTP id xb6mr10165366wjc.100.1411105147457;
 Thu, 18 Sep 2014 22:39:07 -0700 (PDT)
Received: by 10.180.95.165 with HTTP; Thu, 18 Sep 2014 22:39:07 -0700 (PDT)
In-Reply-To: <CAOv1iQbywQntEXu+f9wQmYVKtfddDfcpSpVc6czJxGYBhfZJWA@mail.gmail.com>
References: <CAOv1iQbHuxbHK2KVk=jooNq41ThGkKkKRsQSLznsLJc0as3Q9A@mail.gmail.com>
	<C96EE418-6AE4-4455-BE08-E8EA33FFF165@ajf.me>
	<B4071880-AEF5-4F56-8EEB-3FB5251726FD@gmail.com>
	<CAOv1iQbywQntEXu+f9wQmYVKtfddDfcpSpVc6czJxGYBhfZJWA@mail.gmail.com>
Date: Fri, 19 Sep 2014 13:39:07 +0800
Message-ID: <CAHMUw2Hom7MY3kPgkBZgEV_aoULq-eikj-SW4m7cmopehbZziA@mail.gmail.com>
To: =?UTF-8?Q?K=C3=A9vin_Dunglas?= <dunglas@gmail.com>
Cc: Andrea Faulds <ajf@ajf.me>, PHP Internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=089e01493c940e164e05036485bf
Subject: Re: Internationalized Domain Name support in FILTER_VALIDATE_URL
From: tjerk.meesters@gmail.com (Tjerk Meesters)

--089e01493c940e164e05036485bf
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On Fri, Sep 19, 2014 at 1:24 PM, K=C3=A9vin Dunglas <dunglas@gmail.com> wro=
te:

> Hi,
>
> The flag is a good idea to handle old systems but the feature must be
> enabled by default (at least for PHP 7) and disablable through the flag.
> IDN RFCs are more than 10 years old. All major browsers and registrars
> support IDN.
>

My apologies, I meant the inverse.

If ICU is enabled we should make FILTER_VALIDATE_URL check IDN by default
and add a flag to allow malformed IDN. However, it should not enforce the
dependency on ICU itself; if it's there, it will be used, otherwise it will
allow malformed IDN by default (if present).

Personally I wouldn't mind having this for 5.6 as well if the upgrade path
is clean, but the cleanest path I could think of involves having two flags
that do the opposite action :)


>
> Le vendredi 19 septembre 2014, Tjerk Meesters <tjerk.meesters@gmail.com>
> a =C3=A9crit :
>
>
>> On 19 Sep 2014, at 06:52, Andrea Faulds <ajf@ajf.me> wrote:
>>
>> >
>> > On 18 Sep 2014, at 21:26, K=C3=A9vin Dunglas <dunglas@gmail.com> wrote=
:
>> >
>> >> I'm working on enhancing the FILTER_VALIDATE_URL filter (
>> >> https://github.com/php/php-src/pull/826).
>> >> The current implementation does not support validation of
>> internationalized
>> >> domain names (i.e: http://www.acad=C3=A9mie-fran=C3=A7aise.fr/
>> <http://www.xn--acadmie-franaise-npb1a.fr/>
>> >> <http://www.xn--acadmie-franaise-npb1a.fr/>).
>> >>
>> >> Support of IDN validation can be easily added using ICU's
>> uidna_toASCII()
>> >> function.
>> >>
>> >> Is it acceptable to add a dependency to ICU for ext/filter?
>> >> Another option is to add a HAVE_ICU constant in main/php_config.h and
>> to
>> >> validate IDN only if ICU is present.
>> >>
>> >> What strategy is preferred?
>> >
>> > Perhaps add a new filter that covers normal URLs and IDN ones? I just
>> imagine it might cause problems if suddenly IDNs are accepted, if there =
is
>> a backend which can=E2=80=99t handle them.
>>
>> We don=E2=80=99t need a new filter, you can simply add a filter flag for
>> FILTER_VALIDATE_URL, e.g. FILTER_FLAG_ALLOW_IDN.
>>
>> Of course, the ICU dependency should be optional :)
>>
>> >
>> > --
>> > Andrea Faulds
>> > http://ajf.me/
>> >
>> >
>> >
>> >
>> >
>> > --
>> > PHP Internals - PHP Runtime Development Mailing List
>> > To unsubscribe, visit: http://www.php.net/unsub.php
>> >
>>
>>
>
> --
> K=C3=A9vin Dunglas
> Consultant et d=C3=A9veloppeur freelance
>
> http://dunglas.fr
> T=C3=A9l. : 06 60 91 20 20
>
>


--=20
--
Tjerk

--089e01493c940e164e05036485bf--