GNUsocial/gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity

[ENTITY][Link] self urls can't be considered a remote url

Browse Source
This commit is contained in:
Diogo Peralta Cordeiro 2021-08-18 14:34:15 +01:00 committed by Hugo Sales
parent 177801c81b
commit b50f11a040
Signed by: someonewithpc
GPG Key ID: 7D0C7EAFC9D835A0
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/Entity/Link.php
View File

@ -24,6 +24,7 @@ use App\Core\Entity;
use App\Core\Event; use App\Core\Event;
use App\Core\GSFile; use App\Core\GSFile;
use App\Core\HTTPClient; use App\Core\HTTPClient;
use App\Core\Log;
use App\Util\Common; use App\Util\Common;
use App\Util\Exception\DuplicateFoundException; use App\Util\Exception\DuplicateFoundException;
use App\Util\Exception\NotFoundException; use App\Util\Exception\NotFoundException;
@ -137,6 +138,12 @@ class Link extends Entity
public static function getOrCreate(string $url): self public static function getOrCreate(string $url): self
{ {
if (Common::isValidHttpUrl($url)) { if (Common::isValidHttpUrl($url)) {
// If the URL is a local one, do not create a Link to it
if (parse_url($url, PHP_URL_HOST) === $_ENV['SOCIAL_DOMAIN']) {
Log::warning("It was attempted to create a Link to a local location {$url}.");
// Forbidden
throw new InvalidArgumentException(message: "A Link can't point to a local location ({$url}), it must be a remote one", code: 400);
}
$head = HTTPClient::head($url); $head = HTTPClient::head($url);
// This must come before getInfo given that Symfony HTTPClient is lazy (thus forcing curl exec) // This must come before getInfo given that Symfony HTTPClient is lazy (thus forcing curl exec)
try { try {