fix #1181 한글 도메인 처리 개선

- default URL을 IDN으로 지정 시 punycode로 변환하여 저장
- request_uri 및 current_url를 punycode로 변환하지 않은 IDN으로 출력하도록 변경
- String.prototype.setQuery()에서 IDN을 인코딩하지 않도록 변경 thanks to @andjfrrk

classes/context/Context.class.php

@@ -410,6 +410,16 @@ class Context
 
 		$this->set('current_url', $current_url);
 		$this->set('request_uri', self::getRequestUri());
+
+		if(strpos($current_url, 'xn--') !== FALSE)
+		{
+			$this->set('current_url', self::decodeIdna($current_url));
+		}
+
+		if(strpos(self::getRequestUri(), 'xn--') !== FALSE)
+		{
+			$this->set('request_uri', self::decodeIdna(self::getRequestUri()));
+		}
 	}
 
 	/**
@@ -1081,6 +1091,18 @@ class Context
 		return $obj->str;
 	}
 
+	function decodeIdna($domain)
+	{
+		if(strpos($domain, 'xn--') !== FALSE)
+		{
+			require_once(_XE_PATH_ . 'libs/idna_convert/idna_convert.class.php');
+			$IDN = new idna_convert(array('idn_version' => 2008));
+			$domain = $IDN->decode($domain);
+		}
+
+		return $domain;
+	}
+
 	/**
 	 * Force to set response method
 	 *

classes/module/ModuleHandler.class.php

@@ -172,7 +172,7 @@ class ModuleHandler extends Handler
 					if(Context::getRequestMethod() == 'GET')
 					{
 						$this->mid = $module_info->mid;
-						header('location:' . getNotEncodedSiteUrl($site_info->domain, 'mid', $this->mid, 'document_srl', $this->document_srl));
+						header('location:' . getNotEncodedSiteUrl($site_module_info->domain, 'mid', $this->mid, 'document_srl', $this->document_srl));
 						return FALSE;
 					}
 					else

common/js/common.js

@@ -240,12 +240,13 @@ jQuery(function($) {
 		var loc = isSameUrl(this, window.location.href) ? current_url : this;
 		var idx = loc.indexOf('?');
 		var uri = loc.replace(/#$/, '');
-		var act, re, v, toReplace;
+		var act, re, v, toReplace, query_string;
 
 		if (typeof(val)=='undefined') val = '';
 
 		if (idx != -1) {
-			var query_string = uri.substr(idx+1, loc.length), args = {}, q_list = [];
+			var args = {}, q_list = [];
+			query_string = uri.substr(idx + 1, loc.length);
 			uri = loc.substr(0, idx);
 			query_string.replace(/([^=]+)=([^&]*)(&|$)/g, function(all,key,val) { args[key] = val; });
 
@@ -258,9 +259,12 @@ jQuery(function($) {
 			}
 
 			query_string = q_list.join('&');
-			uri = uri+(query_string?'?'+query_string:'');
+			uri = uri + (query_string ? '?' + encodeURI(query_string) : '');
 		} else {
-			if (String(val).trim()) uri = uri+'?'+key+'='+val;
+			if (String(val).trim()) {
+				query_string = '?' + key + '=' + val;
+				uri = uri + encodeURI(query_string);
+			}
 		}
 
 		re = /^https:\/\/([^:\/]+)(:\d+|)/i;
@@ -290,7 +294,7 @@ jQuery(function($) {
 		// insert index.php if it isn't included
 		uri = uri.replace(/\/(index\.php)?\?/, '/index.php?');
 
-		return encodeURI(uri);
+		return uri;
 	};
 
 	/**

config/func.inc.php

@@ -1564,22 +1564,25 @@ function checkCSRF()
 		return FALSE;
 	}
 
-	$defaultUrl = Context::getDefaultUrl();
-	$referer = parse_url($_SERVER["HTTP_REFERER"]);
+	$default_url = Context::getDefaultUrl();
+	$referer = $_SERVER["HTTP_REFERER"];
 
-	if(strpos(Context::getRequestUri(), 'xn--') !== FALSE)
+	if(strpos($default_url, 'xn--') !== FALSE && strpos($referer, 'xn--') === FALSE)
 	{
 		require_once(_XE_PATH_ . 'libs/idna_convert/idna_convert.class.php');
 		$IDN = new idna_convert(array('idn_version' => 2008));
-		$referer = parse_url($IDN->encode($_SERVER["HTTP_REFERER"]));
+		$referer = $IDN->encode($referer);
 	}
 
+	$default_url = parse_url($default_url);
+	$referer = parse_url($referer);
+
 	$oModuleModel = getModel('module');
 	$siteModuleInfo = $oModuleModel->getDefaultMid();
 
 	if($siteModuleInfo->site_srl == 0)
 	{
-		if(!strstr(strtolower($defaultUrl), strtolower($referer['host'])))
+		if($default_url['host'] !== $referer['host'])
 		{
 			return FALSE;
 		}