Authentication_SignedURL::URLWithoutSignature() bothered by referer arg #4
Description
I think the extraction of the url that has been signed in Authentication_SignedURL::URLWithoutSignature() is not correct.
If there's a trailing arg after the sig arg in the URL, like referer, it will not return the correct substring.
I think the following is better :
{
$sig = $this->getQueryParameter('sig');
$startofsig=strpos($this->parsedURL, '&sig='.urlencode(isset($sig) ? $sig : NULL));
return substr($this->parsedURL, 0, $startofsig);
}
Hope this helps.