authorAndrew Dolgov <[email protected]>2020-09-15 10:39:09 +0300
committerAndrew Dolgov <[email protected]>2020-09-15 10:39:09 +0300
commitaa89ea77690b954a6739ee4ec5227c4d369202d3 (patch)
treec51be8db65e2f8d8f6457258cbd43bd28fb1e98b /include
parent6c02fea641f042dfbdc25c744e7b80c590d714a9 (diff)
validate_url: only allow safe ports (80, 443), disallow access to loopback
Diffstat (limited to 'include')
-rw-r--r--include/functions.php9
1 files changed, 6 insertions, 3 deletions
diff --git a/include/functions.php b/include/functions.php
index 63b717701..19eac41ae 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -1941,9 +1941,15 @@
if (!$tokens['host'])
return false;
+ if (!in_array($tokens['port'], [80, 443, '']))
+ return false;
+
if (!in_array($tokens['scheme'], ['http', 'https']))
return false;
+ if ($tokens['host'] == 'localhost' || $tokens['host'] == '::1' || strpos($tokens['host'], '127.') === 0)
+ return false;
+
//convert IDNA hostname to punycode if possible
if (function_exists("idn_to_ascii")) {
if (mb_detect_encoding($tokens['host']) != 'ASCII') {
@@ -1952,8 +1958,5 @@
}
}
- /* if ($tokens['host'] == 'localhost' || $tokens['host'] == '127.0.0.1')
- return false; */
-
return $url;
}
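Review bot: The loopback guard added in the first hunk, `$tokens['host'] == '::1'`, cannot match an IPv6 loopback URL, because parse_url() keeps the brackets and reports the host as `[::1]`; compare against `'[::1]'` or strip the brackets before comparing. That guard is also a string blocklist: it says nothing about IPv4-mapped IPv6 forms, other private or reserved ranges, or a hostname that resolves to loopback, so a stronger check is to validate the address (ideally the resolved address at connect time) with `filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)`. The port check on the first added line is loose as well: if `$tokens` comes straight from parse_url(), the key is absent when the URL carries no port, so `$tokens['port']` raises an undefined-index notice, and in_array() without `true` compares loosely; `$port = $tokens['port'] ?? null; if ($port !== null && !in_array((int) $port, [80, 443], true)) return false;` keeps the intent and is strict. validate_url begins above the first hunk, so the origin of `$tokens` is not visible here.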