authorAndrew Dolgov <[email protected]>2020-09-17 20:20:23 +0300
committerAndrew Dolgov <[email protected]>2020-09-17 20:20:23 +0300
commit4efc3d7b3f6465a23d5e1c1415ec74e80cc7562d (patch)
tree52a8594649f644abcabdfbf07c18c4350cecf28d /include
parenta4525d31b2536bc8ad9da013f4ed5168fac87d0a (diff)
validate_url: relax requirements for URLs, limit additional port/loopback filtering to fetch_file_contents()
Diffstat (limited to 'include')
-rw-r--r--include/functions.php21
1 files changed, 12 insertions, 9 deletions
diff --git a/include/functions.php b/include/functions.php
index c0a215fba..4031afa6e 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -238,7 +238,7 @@
$url = ltrim($url, ' ');
$url = str_replace(' ', '%20', $url);
- $url = validate_url($url);
+ $url = validate_url($url, true);
if (!$url) return false;
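Review bot: The second argument to validate_url() on the `+` line is a bare `true`, which tells a reader nothing about what is being switched on; the same opaque literal appears in the next two hunks (the curl and non-curl post-redirect checks). Since this flag decides whether loopback hosts and non-80/443 ports are rejected before a network fetch, the call sites should say so, e.g. `$url = validate_url($url, true); // extended filtering: reject loopback hosts and non-standard ports before fetching`. The enclosing function starts before this hunk.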
@@ -350,7 +350,7 @@
$fetch_effective_url = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
- if (!validate_url($fetch_effective_url)) {
+ if (!validate_url($fetch_effective_url, true)) {
$fetch_last_error = "URL hostname received after redirection failed to validate.";
return false;
@@ -443,7 +443,7 @@
$fetch_effective_url = resolve_redirects($url, $timeout ? $timeout : FILE_FETCH_CONNECT_TIMEOUT);
- if (!validate_url($fetch_effective_url)) {
+ if (!validate_url($fetch_effective_url, true)) {
$fetch_last_error = "URL hostname received after redirection failed to validate.";
return false;
@@ -1963,7 +1963,8 @@
return $ttrss_version['version'];
}
- function validate_url($url) {
+ // extended filtering involves validation for safe ports and loopback
+ function validate_url($url, $extended_filtering = false) {
$url = clean($url);
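Review bot: The comment added above validate_url() does not say that the new parameter defaults to off, so a caller that keeps calling `validate_url($url)` now accepts loopback hosts and arbitrary ports where it previously did not; only the three fetch_file_contents() paths in this commit pass `true`, and any other caller that validates a URL before a network request (none visible here) silently loses that check. I would state this in the header and type the parameter: `// $extended_filtering: also reject non-standard ports and loopback hosts (localhost, ::1, 127.*); off by default, callers that go on to fetch the URL must pass true` and `function validate_url($url, bool $extended_filtering = false) {`. The gated checks themselves sit in the following hunk, which runs past the end of this view, and validate_url's body continues outside this hunk.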
@@ -1979,14 +1980,16 @@
if (!$tokens['host'])
return false;
- if (!in_array($tokens['port'], [80, 443, '']))
- return false;
-
if (!in_array($tokens['scheme'], ['http', 'https']))
return false;
- if ($tokens['host'] == 'localhost' || $tokens['host'] == '::1' || strpos($tokens['host'], '127.') === 0)
- return false;
+ if ($extended_filtering) {
+ if (!in_array($tokens['port'], [80, 443, '']))
+ return false;
+
+ if ($tokens['host'] == 'localhost' || $tokens['host'] == '::1' || strpos($tokens['host'], '127.') === 0)
+ return false;
+ }
//convert IDNA hostname to punycode if possible
if (function_exists("idn_to_ascii")) {