// the slash can be used to designate a hierarchical structure and we want allow using it with this meaning
// some webservers don't allow the slash in encoded form in the path for security reasons anyway
// see http://stackoverflow.com/questions/4069002/http-400-if-2f-part-of-get-url-in-jboss
- '%2F', // Map from these encoded characters.
- '/', // Map to these decoded characters.
+ // Map from these encoded characters.
+ '%2F',
+ // Map to these decoded characters.
+ '/',
];
/**
* examined for changes in new Symfony releases.
*
* @param array $variables
- * The variables form the compiled route, corresponding to slugs in the
+ * The variables from the compiled route, corresponding to slugs in the
* route path.
* @param array $defaults
* The defaults from the route.
if ($options['path_processing']) {
$path = $this->processPath($path, $options, $generated_url);
}
+ // Ensure the resulting path has at most one leading slash, to prevent it
+ // becoming an external URL without a protocol like //example.com.
+ if (strpos($path, '//') === 0) {
+ $path = '/' . ltrim($path, '/');
+ }
// The contexts base URL is already encoded
// (see Symfony\Component\HttpFoundation\Request).
$path = str_replace($this->decodedChars[0], $this->decodedChars[1], rawurlencode($path));