mirror of
https://github.com/pi-hole/pi-hole.git
synced 2024-12-23 21:30:17 +00:00
Fix validation of adlist url
Already existing regex validation will be used on url after removing @ (in case
its in separating userinfo and host).
Signed-off-by: Matej Dujava <mdujava@kocurkovo.cz>
Fixes: https://github.com/pi-hole/pi-hole/issues/3911
Fixes: 7d19ee1b
: validate blocklist URL before adding to the database (#3237)
This commit is contained in:
parent
6deac6dfce
commit
ef0bdf6470
2 changed files with 15 additions and 5 deletions
|
@ -486,10 +486,15 @@ SetWebUITheme() {
|
|||
}
|
||||
|
||||
CheckUrl(){
|
||||
local regex
|
||||
local regex check_url
|
||||
# Check for characters NOT allowed in URLs
|
||||
regex="[^a-zA-Z0-9:/?&%=~._-]"
|
||||
if [[ "${1}" =~ ${regex} ]]; then
|
||||
regex="[^a-zA-Z0-9:/?&%=~._()-;]"
|
||||
|
||||
# this will remove first @ that is after schema and before domain
|
||||
# \1 is optional schema, \2 is userinfo
|
||||
check_url="$( sed -re 's#([^:/]*://)?([^/]+)@#\1\2#' <<< "$1" )"
|
||||
|
||||
if [[ "${check_url}" =~ ${regex} ]]; then
|
||||
return 1
|
||||
else
|
||||
return 0
|
||||
|
|
|
@ -393,10 +393,15 @@ gravity_DownloadBlocklists() {
|
|||
esac
|
||||
|
||||
echo -e " ${INFO} Target: ${url}"
|
||||
local regex
|
||||
local regex check_url
|
||||
# Check for characters NOT allowed in URLs
|
||||
regex="[^a-zA-Z0-9:/?&%=~._()-;]"
|
||||
if [[ "${url}" =~ ${regex} ]]; then
|
||||
|
||||
# this will remove first @ that is after schema and before domain
|
||||
# \1 is optional schema, \2 is userinfo
|
||||
check_url="$( sed -re 's#([^:/]*://)?([^/]+)@#\1\2#' <<< "$url" )"
|
||||
|
||||
if [[ "${check_url}" =~ ${regex} ]]; then
|
||||
echo -e " ${CROSS} Invalid Target"
|
||||
else
|
||||
gravity_DownloadBlocklistFromUrl "${url}" "${cmd_ext}" "${agent}" "${sourceIDs[$i]}" "${saveLocation}" "${target}" "${compression}"
|
||||
|
|
Loading…
Reference in a new issue