summaryrefslogtreecommitdiff
path: root/includes/common.inc
diff options
context:
space:
mode:
Diffstat (limited to 'includes/common.inc')
-rw-r--r--includes/common.inc12
1 files changed, 7 insertions, 5 deletions
diff --git a/includes/common.inc b/includes/common.inc
index 4b41373fe..98b654316 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -2149,17 +2149,19 @@ function drupal_json($var = NULL) {
* Notes:
* - For esthetic reasons, we do not escape slashes. This also avoids a 'feature'
* in Apache where it 404s on any path containing '%2F'.
- * - mod_rewrite's unescapes %-encoded ampersands and hashes when clean URLs
- * are used, which are interpreted as delimiters by PHP. These characters are
- * double escaped so PHP will still see the encoded version.
+ * - mod_rewrite unescapes %-encoded ampersands, hashes, and slashes when clean
+ * URLs are used, which are interpreted as delimiters by PHP. These
+ * characters are double escaped so PHP will still see the encoded version.
+ * - With clean URLs, Apache changes '//' to '/', so every second slash is
+ * double escaped.
*
* @param $text
* String to encode
*/
function drupal_urlencode($text) {
if (variable_get('clean_url', '0')) {
- return str_replace(array('%2F', '%26', '%23'),
- array('/', '%2526', '%2523'),
+ return str_replace(array('%2F', '%26', '%23', '//'),
+ array('/', '%2526', '%2523', '/%252F'),
urlencode($text));
}
else {
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-25 20:12:05 +0000