oldkid/friendica
1
0
Fork 0
mirror of https://git.sekbaer.de/Friendica/friendica.git synced 2025-06-09 08:34:26 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Avoid local network communication / invalid url requests

Browse source
This commit is contained in:
Michael 2023-01-27 05:55:45 +00:00
parent 6bedd190b9
commit ba4860b787
12 changed files with 96 additions and 105 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/Worker/OnePoll.php
View file

@ -38,6 +38,7 @@ use Friendica\Protocol\ActivityPub;
use Friendica\Protocol\Email;
use Friendica\Protocol\Feed;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Network;
use Friendica\Util\Strings;
class OnePoll
@ -157,6 +158,11 @@ class OnePoll
return false;
}
if (!Network::isValidHttpUrl($contact['poll'])) {
Logger::notice('Poll address is not valid', ['id' => $contact['id'], 'uid' => $contact['uid'], 'url' => $contact['url'], 'poll' => $contact['poll']]);
return false;
}
$cookiejar = tempnam(System::getTempPath(), 'cookiejar-onepoll-');
$curlResult = DI::httpClient()->get($contact['poll'], HttpClientAccept::FEED_XML, [HttpClientOptions::COOKIEJAR => $cookiejar]);
unlink($cookiejar);