From: Mark A. Hershberger <mah@users.mediawiki.org>
Date: Thu, 3 Nov 2011 14:04:01 +0000 (+0000)
Subject: use isValidURI for redirect check
X-Git-Tag: 1.31.0-rc.0~26738
X-Git-Url: http://git.cyclocoop.org/%24action?a=commitdiff_plain;h=d379979d1aebe91cfb529ec3472084319f08c777;p=lhc%2Fweb%2Fwiklou.git

use isValidURI for redirect check
---

diff --git a/includes/HttpFunctions.php b/includes/HttpFunctions.php
index 2ec7ea19f2..6968c612df 100644
--- a/includes/HttpFunctions.php
+++ b/includes/HttpFunctions.php
@@ -855,7 +855,7 @@ class PhpHttpRequest extends MWHttpRequest {
 			# Check security of URL
 			$url = $this->getResponseHeader( "Location" );
 
-			if ( substr( $url, 0, 7 ) !== 'http://' ) {
+			if ( !HTTP::isValidURI( $url ) ) {
 				wfDebug( __METHOD__ . ": insecure redirection\n" );
 				break;
 			}