mirror of
https://github.com/pi-hole/pi-hole.git
synced 2024-12-27 07:12:27 +00:00
Add protocol validation when downloading blocklist from URL (#5698)
This commit is contained in:
commit
8b324741e0
1 changed files with 6 additions and 0 deletions
|
@ -622,6 +622,12 @@ gravity_DownloadBlocklistFromUrl() {
|
|||
fi
|
||||
fi
|
||||
|
||||
# Check for allowed protocols
|
||||
if [[ $url != "http"* && $url != "https"* && $url != "file"* && $url != "ftp"* && $url != "ftps"* && $url != "sftp"* ]]; then
|
||||
echo -e "${OVER} ${CROSS} ${str} Invalid protocol specified, ignoring list"
|
||||
download=false
|
||||
fi
|
||||
|
||||
if [[ "${download}" == true ]]; then
|
||||
# shellcheck disable=SC2086
|
||||
httpCode=$(curl --connect-timeout ${curl_connect_timeout} -s -L ${compression} ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" "${url}" -o "${listCurlBuffer}" 2>/dev/null)
|
||||
|
|
Loading…
Reference in a new issue