eliseuamaro/gnu-social
1
0
Fork 0
forked from GNUsocial/gnu-social
Code Issues Pull Requests Releases Wiki Activity

[ENTITY][Link] self urls can't be considered a remote url

Browse Source
This commit is contained in:
Diogo Peralta Cordeiro 2021-08-18 14:34:15 +01:00
parent 40f2f5f977
commit f7c426e81c
Signed by: diogo
GPG Key ID: 18D2D35001FBFAB0
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/Entity/Link.php
View File

@ -24,6 +24,7 @@ use App\Core\Entity;
use App\Core\Event; use App\Core\Event;
use App\Core\GSFile; use App\Core\GSFile;
use App\Core\HTTPClient; use App\Core\HTTPClient;
use App\Core\Log;
use App\Util\Common; use App\Util\Common;
use App\Util\Exception\DuplicateFoundException; use App\Util\Exception\DuplicateFoundException;
use App\Util\Exception\NotFoundException; use App\Util\Exception\NotFoundException;
@ -137,6 +138,12 @@ class Link extends Entity
public static function getOrCreate(string $url): self public static function getOrCreate(string $url): self
{ {
if (Common::isValidHttpUrl($url)) { if (Common::isValidHttpUrl($url)) {
// If the URL is a local one, do not create a Link to it
if (parse_url($url, PHP_URL_HOST) === $_ENV['SOCIAL_DOMAIN']) {
Log::warning("It was attempted to create a Link to a local location {$url}.");
// Forbidden
throw new InvalidArgumentException(message: "A Link can't point to a local location ({$url}), it must be a remote one", code: 400);
}
$head = HTTPClient::head($url); $head = HTTPClient::head($url);
// This must come before getInfo given that Symfony HTTPClient is lazy (thus forcing curl exec) // This must come before getInfo given that Symfony HTTPClient is lazy (thus forcing curl exec)
try { try {