Changeset 670 for trunk/lib/Utilities.inc.php
- Timestamp:
- Mar 6, 2019 9:18:39 PM (5 years ago)
- File:
-
- 1 edited
-
trunk/lib/Utilities.inc.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/lib/Utilities.inc.php
r667 r670 1377 1377 1378 1378 if (!isset($urls[$url])) { 1379 if (!preg_match(' |https?://[\w.]+/|', $url)) {1379 if (!preg_match('!^https?://!i', $url)) { 1380 1380 // If we can't find a domain we assume the URL is local (i.e. "/my/url/path/" or "../img/file.jpg"). 1381 1381 $urls[$url] = true; 1382 1382 } else { 1383 $urls[$url] = preg_match(' |https?://[\w.]*' . preg_quote(getenv('HTTP_HOST'), '|') . '|i', $url);1383 $urls[$url] = preg_match('!^https?://' . preg_quote(getenv('HTTP_HOST'), '!') . '!i', $url); 1384 1384 } 1385 1385 } … … 1405 1405 function absoluteMe() 1406 1406 { 1407 return sprintf('%s://%s%s', (getenv('HTTPS') ? 'https' : 'http'), getenv('HTTP_HOST'), getenv('REQUEST_URI')); 1407 $safe_http_host = preg_replace('/[^a-z\d.-]/', '', getenv('HTTP_HOST')); 1408 return sprintf('%s://%s%s', (getenv('HTTPS') ? 'https' : 'http'), $safe_http_host, getenv('REQUEST_URI')); 1408 1409 } 1409 1410
Note: See TracChangeset
for help on using the changeset viewer.
