valvin
/
ttrss
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

another hack for validation of URLs with invalid characters

This commit is contained in:
Andrew Dolgov 2020-09-22 19:56:26 +03:00
parent a897c4165b
commit 8fb2baecdc
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
classes/urlhelper.php
View File

@ -48,7 +48,7 @@ class UrlHelper {
// extended filtering involves validation for safe ports and loopback // extended filtering involves validation for safe ports and loopback
static function validate($url, $extended_filtering = false) { static function validate($url, $extended_filtering = false) {
$url = clean(rawurldecode($url)); $url = clean($url);
# fix protocol-relative URLs # fix protocol-relative URLs
if (strpos($url, "//") === 0) if (strpos($url, "//") === 0)
@ -65,8 +65,10 @@ class UrlHelper {
return false; return false;
if ($tokens['path']) { if ($tokens['path']) {
// urlencode path, but respect "/" path delimiters $tokens['path'] = implode("/",
$tokens['path'] = implode("/", array_map("rawurlencode", explode("/", $tokens['path']))); array_map("rawurlencode",
array_map("rawurldecode",
explode("/", $tokens['path']))));
} }
//convert IDNA hostname to punycode if possible //convert IDNA hostname to punycode if possible