• Resolved Exavior

    (@exavior)


    Please review this ASAP. The new version of the plugin is reformatting our URLS and stripping out vital characters that are used by our framework to replace values dynamically

    Example url:

    http://www.somesite.com/?hello={world}&foo={bar}

    The new version of the plugin is stripping out brackets {}

    How that could happen I have no idea, as I’ve worked with you in the past on helping us support this use case. Having it strip out the brackets could cost us a fortune if one of our production sites was mistakingly updated to the new plugin.

    This is currently putting a hold on us launching a new site, since it was built with the new plugin version.

    Please help!

Viewing 5 replies - 1 through 5 (of 5 total)
  • Thread Starter Exavior

    (@exavior)

    Pretty Links Version 3.0.8

    Field getting mangled: Target URL

    Plugin Author cartpauj

    (@cartpauj)

    Does changing it to http://www.somesite.com/?hello=%7Bworld%7D&foo=%7Bbar%7D allow it to work?

    Curly braces are considered unsafe characters, and are not valid in URIs (see RFC 3986).

    3.0.0 has many security improvements. One of which is to run all URL’s through esc_url() WordPress function.

    esc_url() strips out { and } from URL’s.

    It does have a filter you could use to restore the URL back to it’s original.

    
    function restore_url_to_original($good_protocol_url, $original_url, $_context) {
      return $original_url;
    }
    add_filter('clean_url', 'restore_url_to_original', 11, 3);
    

    Putting that code in functions.php or in a plugin like My Custom Functions, or Code Snippets should get around it.

    Thread Starter Exavior

    (@exavior)

    The brackets are processed on our end to replace them with values from the originating page’s query string, so they need to be exact.

    We can’t change our formatting, as we run a large number of sites, each with thousands of pretty links that we’ve built over many years using this plugin, so we need a future-proof solution.

    Any chance of making this a toggleable feature in the plugin settings moving forward? We work with a number of solutions that address dynamic parameters in URLs using french brackets, so this is not really that much of an edge case.

    For now I’ll try adding the filter to our new site.

    Would adding this filter to sites that are running an older version of your plugin cause any issues? If possible I’d like to update our codebase with the filter prior to updating those plugins. Otherwise we’ll have to time the plugin update with a new build.

    Thanks for the help!

    Plugin Author cartpauj

    (@cartpauj)

    @exavior the filter will not affect older versions of pretty links. So that should be just fine.

    Thread Starter Exavior

    (@exavior)

    Thanks, that code did the trick on our new site, so we should be able to launch it without having to roll back the plugin.

    I’ll start implementing that snipit on all our production sites on Monday so our maintenance team can move forward with scheduled plugin updates without having our sites stop functioning.

    Thanks again for the quick replies and support. Really appreciate it! (can’t possibly stress that enough, we averted a major financial disaster. Had that gone into production )

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘EMERGENCY! URLs being re-formatted by new plugin.’ is closed to new replies.