[ic] area tag broken for full URLs

Gert van der Spoel gert at 3edge.com
Thu Feb 9 08:22:43 UTC 2017

> -----Original Message-----
> From: interchange-users-bounces at icdevgroup.org [mailto:interchange-users-
> bounces at icdevgroup.org] On Behalf Of Peter
> Sent: Thursday, February 9, 2017 09:10
> To: interchange-users at icdevgroup.org
> Subject: Re: [ic] area tag broken for full URLs
> On 05/02/17 23:05, Peter wrote:
> > On 05/02/17 23:01, Peter wrote:
> >> If you have a catalog with a VendUrl of www.example.com and you do
> >> [area href=http://www.example.net/test form=foo=bar]
> >>
> >> ...you get this as a result:
> >> http://www.example.com/test?foo=bar
> >>
> >> (note how [area] swapped the domain in the URL for the VendUrl
> >> domain)
> >>
> >> I note that the parsing of the page name in tag_area() parses out the
> >> domain name but puts it in $r instead.  $r is not passed onto
> >> vendUrl() at line 2767 of Interpolate.pm, but I believe it was
> >> intended to be the third argument instead of the current undef.
> >>
> >> Any comments on why it is undef and if changing this to $r will fix
> >> the issue?
> >
> > And indeed a quick test shows that changing the undef to $r does
> > indeed fix the issue.
> Any comments on this?  This seems to be an old bug and I want to try to
> certain that I'm not mucking something important up by fixing it.

I think that this is intended behavior. When you look at:

it appears to me that if you are having an external URL that you shouldn't
use the area tag:
'If you want to encode URI arguments into an external URI then you will have
to do it yourself using something like the following:
<a href="http://www.example.com/foo.html?bar=[filter urlencode]hello

So if you take the approach of: You should only use the area tag for
Interchange URLs then the code works as is.

And if you'd make the fix as you suggested there will be some other issues
that will be confusing:

When you have 
$opt->{secure}  = 1  ... 

sub tag_area  does:

        $urlroutine = $opt->{secure} ? \&secure_vendUrl : \&vendUrl;

        return $urlroutine->($page, $arg, undef, $opt);

So in case of $opt->{secure}  = 1   it will do secure_vendUrl.

And this does (in Util.pm):
sub secure_vendUrl {
        return vendUrl($_[0], $_[1], $Vend::Cfg->{SecureURL}, $_[3]);

The 3rd param then is $Vend::Cfg->{SecureURL} ... 

So https://whatever.you.want   will become SecureURL.

And it even seems redundant here as in sub vendURL you also have:
        if($opt->{secure} or exists $Vend::Cfg->{AlwaysSecure}{$path}) {
                $r = $Vend::Cfg->{SecureURL};

Anyway I think it's better to not touch. :)



More information about the interchange-users mailing list