From 57faa0c7945c5a19a07e3917b73d9c2d1786dcf5 Mon Sep 17 00:00:00 2001
From: Antoine Musso <hashar@users.mediawiki.org>
Date: Thu, 3 Nov 2011 15:06:52 +0000
Subject: [PATCH] comment that isValidURI must reject file:// URI

---
 includes/HttpFunctions.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/includes/HttpFunctions.php b/includes/HttpFunctions.php
index 6968c612df..949cfcbb6d 100644
--- a/includes/HttpFunctions.php
+++ b/includes/HttpFunctions.php
@@ -129,6 +129,8 @@ class Http {
 	 * protocols, because we only want protocols that both cURL
 	 * and php support.
 	 *
+	 * file:// should not be allowed there for security purpose (r67684)
+	 *
 	 * @fixme this is wildly inaccurate and fails to actually check most stuff
 	 *
 	 * @param $uri Mixed: URI to check for validity
-- 
2.20.1