forked from GNUsocial/gnu-social
bad validation of callback URL
darcs-hash:20080605040358-84dde-b2018db43791d1cbed722d3320cd0b62d6da94eb.gz
This commit is contained in:
parent
24ff61d159
commit
356f401986
@ -408,7 +408,7 @@ class UserauthorizationAction extends Action {
|
|||||||
throw new OAuthException("Invalid avatar '$avatar'");
|
throw new OAuthException("Invalid avatar '$avatar'");
|
||||||
}
|
}
|
||||||
$callback = $req->get_parameter('oauth_callback');
|
$callback = $req->get_parameter('oauth_callback');
|
||||||
if ($avatar && common_valid_http_url($callback)) {
|
if ($callback && !common_valid_http_url($callback)) {
|
||||||
throw new OAuthException("Invalid callback URL '$callback'");
|
throw new OAuthException("Invalid callback URL '$callback'");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user