use isValidURI for redirect check

diff --git a/includes/HttpFunctions.php b/includes/HttpFunctions.php
index 2ec7ea1..6968c61 100644 (file)
--- a/includes/HttpFunctions.php
+++ b/includes/HttpFunctions.php
@@ -855,7 +855,7 @@ class PhpHttpRequest extends MWHttpRequest {
                        # Check security of URL
                        $url = $this->getResponseHeader( "Location" );
 
-                       if ( substr( $url, 0, 7 ) !== 'http://' ) {
+                       if ( !HTTP::isValidURI( $url ) ) {
                                wfDebug( __METHOD__ . ": insecure redirection\n" );
                                break;
                        }