dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
d379979
)
comment that isValidURI must reject file:// URI
author
Antoine Musso
<hashar@users.mediawiki.org>
Thu, 3 Nov 2011 15:06:52 +0000
(15:06 +0000)
committer
Antoine Musso
<hashar@users.mediawiki.org>
Thu, 3 Nov 2011 15:06:52 +0000
(15:06 +0000)
includes/HttpFunctions.php
patch
|
blob
|
history
diff --git
a/includes/HttpFunctions.php
b/includes/HttpFunctions.php
index
6968c61
..
949cfcb
100644
(file)
--- a/
includes/HttpFunctions.php
+++ b/
includes/HttpFunctions.php
@@
-129,6
+129,8
@@
class Http {
* protocols, because we only want protocols that both cURL
* and php support.
*
+ * file:// should not be allowed there for security purpose (r67684)
+ *
* @fixme this is wildly inaccurate and fails to actually check most stuff
*
* @param $uri Mixed: URI to check for validity