From 52320cc8800d2bf57dce789f8a1f677cdbd32def Mon Sep 17 00:00:00 2001
From: Alex Pott <alex.a.pott@googlemail.com>
Date: Sat, 16 Nov 2019 00:17:58 +0000
Subject: [PATCH] Issue #3091823 by Renrhaf, johndevman: UrlHelper::parse does
 not support external URLs with more than one question mark

---
 .../Drupal/Component/Utility/UrlHelper.php    |  2 +-
 .../Tests/Component/Utility/UrlHelperTest.php | 36 +++++++++++++++++++
 2 files changed, 37 insertions(+), 1 deletion(-)

diff --git a/core/lib/Drupal/Component/Utility/UrlHelper.php b/core/lib/Drupal/Component/Utility/UrlHelper.php
index bd550460f916..e3c9ab235aec 100644
--- a/core/lib/Drupal/Component/Utility/UrlHelper.php
+++ b/core/lib/Drupal/Component/Utility/UrlHelper.php
@@ -154,7 +154,7 @@ public static function parse($url) {
       }
 
       // Split off everything before the query string into 'path'.
-      $parts = explode('?', $url);
+      $parts = explode('?', $url, 2);
 
       // Don't support URLs without a path, like 'http://'.
       list(, $path) = explode('://', $parts[0], 2);
diff --git a/core/tests/Drupal/Tests/Component/Utility/UrlHelperTest.php b/core/tests/Drupal/Tests/Component/Utility/UrlHelperTest.php
index 594344f39e51..7b9bd1c40e79 100644
--- a/core/tests/Drupal/Tests/Component/Utility/UrlHelperTest.php
+++ b/core/tests/Drupal/Tests/Component/Utility/UrlHelperTest.php
@@ -311,6 +311,42 @@ public static function providerTestParse() {
           'fragment' => 'footer',
         ],
       ],
+      'URL with two question marks, not encoded' => [
+        'http://www.example.com/my/path?destination=home&search=http://www.example.com/search?limit=10#footer',
+        [
+          'path' => 'http://www.example.com/my/path',
+          'query' => [
+            'destination' => 'home',
+            'search' => 'http://www.example.com/search?limit=10',
+          ],
+          'fragment' => 'footer',
+        ],
+      ],
+      'URL with three question marks, not encoded' => [
+        'http://www.example.com/my/path?destination=home&search=http://www.example.com/search?limit=10&referer=http://www.example.com/my/path?destination=home&other#footer',
+        [
+          'path' => 'http://www.example.com/my/path',
+          'query' => [
+            'destination' => 'home',
+            'search' => 'http://www.example.com/search?limit=10',
+            'referer' => 'http://www.example.com/my/path?destination=home',
+            'other' => '',
+          ],
+          'fragment' => 'footer',
+        ],
+      ],
+      'URL with three question marks, encoded' => [
+        'http://www.example.com/my/path?destination=home&search=http://www.example.com/search?limit=10&referer=http%3A%2F%2Fwww.example.com%2Fmy%2Fpath%3Fdestination%3Dhome%26other#footer',
+        [
+          'path' => 'http://www.example.com/my/path',
+          'query' => [
+            'destination' => 'home',
+            'search' => 'http://www.example.com/search?limit=10',
+            'referer' => 'http://www.example.com/my/path?destination=home&other',
+          ],
+          'fragment' => 'footer',
+        ],
+      ],
     ];
   }
 
-- 
GitLab