When rendering internal links that contain both a query string and a fragment identifier, Pathologic incorrectly encodes the URL by duplicating the query and fragment parts. For example, a stored URL in an <a> tag like:
<a>href="/node/84623?test=hello#anchor"></a>
is transformed into:
/path/alias%3Ftest%3Dhello%23anchor?test=hello#anchor
This results in invalid URLs with broken behavior (e.g., anchor targeting fails and query parameters are corrupted), and leads to degraded UX and broken routing.
This issue seems to occur because Pathologic passes query and fragment data both embedded in the path string and again separately in the $options array to Url::fromUri(), which does not sanitize duplication.
/node/{real-node-id}?params=test#anchor
<a>tag.
<a href="/your-path-alias?test=hello#anchor">HELLO/a>
<a href="/your-path-alias%3Ftest%3Dhello%23anchor?test=hello#anchor">HELLO</a>
Before passing $url_params['path'] into Url::fromUri(), strip out any embedded query string or fragment component by splitting on the first occurrence of ? or #:
$url_params['path'] = preg_split('/[?#]/', $url_params['path'], 2)[0];
This ensuresUrl::fromUri() receives the clean path separately from its query and fragment parts already correctly provided in $url_params['path'].
This change should be added just before $url_params['path'] is used to construct $path in _pathologic_replace().
None
None
None
Needs review
2.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.