From f2fbb4ee7ef1c3cafefc7c78f57b685644996667 Mon Sep 17 00:00:00 2001 From: wn_ Date: Sun, 23 Apr 2017 13:55:14 -0500 Subject: [PATCH] Compare end of domains when checking known SSL whitelist. For example: "imgur.com.mysite.com" should not match the "imgur.com" whitelist entry. --- plugins/af_zz_imgproxy/init.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/af_zz_imgproxy/init.php b/plugins/af_zz_imgproxy/init.php index 5fab3b7b8..8419b8a87 100644 --- a/plugins/af_zz_imgproxy/init.php +++ b/plugins/af_zz_imgproxy/init.php @@ -124,7 +124,7 @@ class Af_Zz_ImgProxy extends Plugin { $parts = parse_url($url); foreach (explode(" " , $this->ssl_known_whitelist) as $host) { - if (strpos($parts['host'], $host) !== FALSE) { + if (substr(strtolower($parts['host']), -strlen($host)) === strtolower($host)) { $parts['scheme'] = 'https'; return build_url($parts);