Odd carriage return injections in $_POST



  • I recently upgraded my system and this finally made it possible for me to run Vivaldi on my linux box. I'd tested it a bit already on my laptop and at work (both under Windows) but the desktop is where I'll be able to do some serious testing. So, while doing just that, I came across this odd little bug today. I figure it's obscure enough that it might not have been noticed yet, but I am able to reproduce this systematically. First, some tech info. I'm running Vivaldi 1.0.344.37 (Beta 2) beta (64-bit) on Fedora 23 with KDE Frameworks 5.14.0. Kernel version is 4.2.8-300.fc23.x86_64 #1 SMP. PHP Version 5.6.16 OK. So I have this php form which uses a textarea to grab data. The data can represent different things -- let's say, for instance, to simplify, a list of countries. You'd have one country per line. But each line could provide various information on that specific country in tab-separated fields (ie. name of country, language spoken, capital city, whatever, you get the idea). On the receiving end, I have this code: $buffer = explode("\r\n", $incoming); Later on I also do an explode() on the tabs, but the problem appeared with this first explode() so we can stop here. This is old code, BTW, that I've been using for a long time, before the upgrade, and it always worked fine. Today, though, I got some unexpected results, with a lot of empty lines. So I started running some tests and ended up noticing that it was behaving as if there were extra carriage returns. To make sure, I added this bit of code: $incoming = str_replace("\r\n", "---cr---", $incoming); echo "

    $incoming"; And sure enough... Let's take this test line: Test Fr Some text 20151209 1h49 Some text The echo returns this: Test---cr---Fr Some text 20151209 ---cr---1h49 Some text The first 'CR' (carriage return) is normal, the second one isn't. Now in the above example I had three tabs before '20151209'. If I delete one, I end up with this: Test---cr---Fr Some text 20151209 1h49 ---cr---Some text Replacing all the text with numbers, oddly enough, made the extra CR vanish and the output was as expected. This made me wonder if the spaces in the text weren't the culprit. So I tried: Test Fr Some text 20151209 1h49 Text ... which gave: Test---cr---Fr Some text 20151209 1h49 ---cr---Text ... and: Test Fr Text 20151209 1h49 Some text ... which resulted in: Test---cr---Fr Text 20151209 1h49 Some text Aha! Looks like this last bit worked. So apparently it IS the use of spaces that breaks the code, for some reason. BTW, the exact same code works fine in Opera and Firefox. That's all for now (though I'll have more to say on other stuff later on, when I have more time). Keep up the good work, guys, looking forward to the day when I can completely replace Opera with Vivaldi!



  • Did you really try to sniff the posted data with Developer Tools in tab Network?
    Did you try with current Last Snapshot from https://vivaldi.net/en-US ?

    I cant confirm your problem. I tested with:
    Server: Debian 7 x64 | PHP 5.6.16 FastCGI
    Client Vivaldi 1.0.365.3 x64 | Debian 8 x64 | KDE 4.14.2

    PHP testcode:

    
    $incoming";
    ?>
    
    

    Testdata:```
    Test
    Fr Some text 20151209 1h49 Some text

    
    I think the problem may be very new Fedora 23 with KDE Plasma 5\. Plasma 5 is a little bit buugy atm.
    
    if you give the developers a detailed information about your client config and OS and a working testcase with PHP code, testdata, description of your webserver and PHP config or a testurl on server you may report this as a bug at http://vivaldi.com/bugreport/


  • Just for the record, I upgraded the following day to kernel 4.3.3, and updated my entire system to all the latest packages while I was at it. Seems to have fixed the issue! Sorry for the trouble.



  • Fine, that the problem has gone.
    And please dont apologize for asking. ā€¦ No problem, you made no trouble for me.
    I am Webdev and know which strange issues some browsers or OS can have.


Log in to reply
 

Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.