diff options
author | mattab <matthieu.aubry@gmail.com> | 2014-02-04 23:12:09 +0400 |
---|---|---|
committer | mattab <matthieu.aubry@gmail.com> | 2014-02-04 23:12:09 +0400 |
commit | ee85eb46395a1d2ae6a0972acd20482547448080 (patch) | |
tree | 6bfd3d60f22102a897ef32ea0332399afa463d67 | |
parent | d961091951e30729c916c83d79ddfe7f84b902e0 (diff) |
Fixes #4626 Prevent warning on screen when user set valid host to a URL instead of hostname
-rw-r--r-- | core/Url.php | 9 | ||||
-rw-r--r-- | core/UrlHelper.php | 2 |
2 files changed, 10 insertions, 1 deletions
diff --git a/core/Url.php b/core/Url.php index 2031cf0c88..024f328025 100644 --- a/core/Url.php +++ b/core/Url.php @@ -237,11 +237,20 @@ class Url } foreach ($trustedHosts as &$trustedHost) { + + // Case user wrote in the config, http://example.com/test instead of example.com + if(UrlHelper::isLookLikeUrl($trustedHost)) { + $trustedHost = parse_url($trustedHost, PHP_URL_HOST); + } + $trustedHost = preg_quote($trustedHost); } $untrustedHost = Common::mb_strtolower($host); $untrustedHost = rtrim($untrustedHost, '.'); + + $hostRegex = Common::mb_strtolower('/(^|.)' . implode('|', $trustedHosts) . '$/'); + $result = preg_match($hostRegex, $untrustedHost); return 0 !== $result; } diff --git a/core/UrlHelper.php b/core/UrlHelper.php index 4adaca1558..dbdb04dfd2 100644 --- a/core/UrlHelper.php +++ b/core/UrlHelper.php @@ -92,7 +92,7 @@ class UrlHelper } /** - * Returns true if the string passed may be a URL. + * Returns true if the string passed may be a URL ie. it starts with protocol://. * We don't need a precise test here because the value comes from the website * tracked source code and the URLs may look very strange. * |