diff options
Diffstat (limited to 'lib/Controller')
-rw-r--r-- | lib/Controller/PushController.php | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/Controller/PushController.php b/lib/Controller/PushController.php index 36aef01..2739754 100644 --- a/lib/Controller/PushController.php +++ b/lib/Controller/PushController.php @@ -96,7 +96,15 @@ class PushController extends OCSController { return new JSONResponse(['message' => 'INVALID_DEVICE_KEY'], Http::STATUS_BAD_REQUEST); } - if (!filter_var($proxyServer, FILTER_VALIDATE_URL) || strpos($proxyServer, 'https://') !== 0 || strlen($proxyServer)> 256) { + if ( + !filter_var($proxyServer, FILTER_VALIDATE_URL) || + strlen($proxyServer) > 256 || + ( + strpos($proxyServer, 'https://') !== 0 && + strpos($proxyServer, 'http://localhost:') !== 0 && + strpos($proxyServer, 'http://localhost/') !== 0 + ) + ) { return new JSONResponse(['message' => 'INVALID_PROXY_SERVER'], Http::STATUS_BAD_REQUEST); } |