Friendica/friendica-github
1
0
Fork 0
mirror of https://github.com/friendica/friendica synced 2025-01-05 18:04:43 +00:00
Code Issues Projects Releases Packages Wiki Activity

Adding hexadecimal check for parse_rul

Browse source 
see https://github.com/friendica/friendica/issues/6917#issuecomment-475461338
This commit is contained in:
Philipp Holzer 2019-05-29 20:32:16 +02:00
parent 3de540d1d1
commit 392137b433
No known key found for this signature in database
GPG key ID: D8365C3D36B77D90
1 changed files with 7 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
mod/parse_url.php
View file

@ -9,12 +9,14 @@
* *
* @see ParseUrl::getSiteinfo() for more information about scraping embeddable content * @see ParseUrl::getSiteinfo() for more information about scraping embeddable content
*/ */
use Friendica\App; use Friendica\App;
use Friendica\Core\Hook; use Friendica\Core\Hook;
use Friendica\Core\Logger; use Friendica\Core\Logger;
use Friendica\Core\System; use Friendica\Core\System;
use Friendica\Util\Network; use Friendica\Util\Network;
use Friendica\Util\ParseUrl; use Friendica\Util\ParseUrl;
use Friendica\Util\Strings;
function parse_url_content(App $a) function parse_url_content(App $a)
{ {
@ -25,10 +27,13 @@ function parse_url_content(App $a)
$br = "\n"; $br = "\n";
if (!empty($_GET['binurl'])) { if (!empty($_GET['binurl']) && Strings::isHex($_GET['binurl'])) {
$url = trim(hex2bin($_GET['binurl'])); $url = trim(hex2bin($_GET['binurl']));
} else { } elseif (!empty($_GET['url'])) {
$url = trim($_GET['url']); $url = trim($_GET['url']);
// fallback in case no url is valid
} else {
$a->internalRedirect();
} }
if (!empty($_GET['title'])) { if (!empty($_GET['title'])) {