oldkid/friendica
1
0
Fork 0
mirror of https://git.sekbaer.de/Friendica/friendica.git synced 2025-06-17 04:15:15 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Security issue: Encoding of GUID in itemcache to avoid directory bypassing with a malificious formatted GUID.

Browse source
This commit is contained in:
Michael Vogel 2014-09-27 12:49:00 +02:00
parent 4ec5974074
commit 459fc2fabd
5 changed files with 7 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

3
mod/parse_url.php
View file

@ -186,6 +186,9 @@ function parseurl_getsiteinfo($url, $no_guessing = false, $do_oembed = true, $co
case "twitter:image":
$siteinfo["image"] = $attr["content"];
break;
case "twitter:image:src":
$siteinfo["image"] = $attr["content"];
break;
case "twitter:card":
if (($siteinfo["type"] == "") OR ($attr["content"] == "photo"))
$siteinfo["type"] = $attr["content"];