WordPress.org

Make WordPress Core

Opened 2 months ago

Last modified 11 days ago

#51348 new defect (bug)

Trailing slash redirect removes pipes from query strings

Reported by: simjost Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 5.5.1
Component: Canonical Keywords: reporter-feedback close
Focuses: Cc:

Description

We are using some query strings for tracking and campaign purposes and some of them contain pipes.
An example:
https://example.com/page?key=value1|value2

When using one of the template permalinks a trailing slash is added at the end and WordPress will redirect from non trailing slash url to a trailing slash one. Same goes the other way around when a custom permalink is set without a trailing slash and an url with a trailing slash is accessed.

We noticed, that during this redirect all pipes in the query string are lost/removed/stripped.
The example above will result in:
https://example.com/page/?key=value1value2

Change History (6)

#1 @TimothyBlynJacobs
2 months ago

  • Keywords reporter-feedback added

Hi @simjost welcome to trac!

Have you tried url encoding your query parameter? As far as I know, a pipe is not an allowed character, so it must be url encoded.

When I try http://trunk.test/sample-page?key=v1%7Cv2 I get successfully redirected to http://trunk.test/sample-page/?key=v1%7Cv2.

#2 @SergeyBiryukov
2 months ago

  • Component changed from Permalinks to Canonical
  • Keywords close added

#3 follow-up: @simjost
12 days ago

Hi @TimothyBlynJacobs,

yes, we tried encoding it and it is fine. Unfortunately the plain pipe is needed. I have informed the people making the requirements on this, that they should reconsider.

However, to my knowledge the pipe is not a unallowed character in urls anymore and WordPress is handeling it very differently in different circumstances.
On the root page with or without the trailing slash, WordPress is encoding it by default.
On subpages without a trailing slash, the pipe gehts removed (and our WordPress redirects to the url with a trailing slash).
On subpages with a trailing slash, the pipe stays.

The behaviour should be uniform across all scenarios.

#4 in reply to: ↑ 3 @TimothyBlynJacobs
11 days ago

Replying to simjost:

However, to my knowledge the pipe is not a unallowed character in urls anymore and WordPress is handeling it very differently in different circumstances.

What are you basing that off of?

On the root page with or without the trailing slash, WordPress is encoding it by default.
On subpages without a trailing slash, the pipe gehts removed (and our WordPress redirects to the url with a trailing slash).
On subpages with a trailing slash, the pipe stays.

That's because a canonical redirect isn't being triggered for those URLs.

#5 @simjost
11 days ago

Hi @TimothyBlynJacobs,

I have no definitive proof, that pipes are allowed. When checking and searching, I read that they were forbidden some time ago and it's still not suggested to use them. But I didn't check any further.
If possible I avoid them of course :)

Alright, so the issue happens during a canonical redirect. I still think the pipe should not just disappear. Either it stays or it gets encoded, like on the base url.

#6 @TimothyBlynJacobs
11 days ago

I'm not aware of any changes to the specifications that would mean they shouldn't be percent encoded.

Trying to automatically percent encode characters is a possibility, but feels like it could get messy very fast.

I wonder if @peterwilsoncc has any thoughts on this?

Note: See TracTickets for help on using tickets.