dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
3b8aa71
)
use isValidURI for redirect check
author
Mark A. Hershberger
<mah@users.mediawiki.org>
Thu, 3 Nov 2011 14:04:01 +0000
(14:04 +0000)
committer
Mark A. Hershberger
<mah@users.mediawiki.org>
Thu, 3 Nov 2011 14:04:01 +0000
(14:04 +0000)
includes/HttpFunctions.php
patch
|
blob
|
history
diff --git
a/includes/HttpFunctions.php
b/includes/HttpFunctions.php
index
2ec7ea1
..
6968c61
100644
(file)
--- a/
includes/HttpFunctions.php
+++ b/
includes/HttpFunctions.php
@@
-855,7
+855,7
@@
class PhpHttpRequest extends MWHttpRequest {
# Check security of URL
$url = $this->getResponseHeader( "Location" );
- if (
substr( $url, 0, 7 ) !== 'http://'
) {
+ if (
!HTTP::isValidURI( $url )
) {
wfDebug( __METHOD__ . ": insecure redirection\n" );
break;
}