*/
function cleanup_url($url)
{
- $obj_url = new Url($url);
- return $obj_url->cleanup();
+ $obj_url = new Url($url);
+ return $obj_url->cleanup();
}
/**
*/
function get_url_scheme($url)
{
- $obj_url = new Url($url);
- return $obj_url->getScheme();
+ $obj_url = new Url($url);
+ return $obj_url->getScheme();
}
/**
{
return $url . (!endsWith($url, '/') ? '/' : '');
}
+
/**
- * Converts an URL with an IDN host to a ASCII one.
+ * Replace not whitelisted protocols by 'http://' from given URL.
*
- * @param string $url Input URL.
+ * @param string $url URL to clean
+ * @param array $protocols List of allowed protocols (aside from http(s)).
*
- * @return string converted URL.
+ * @return string URL with allowed protocol
*/
-function url_with_idn_to_ascii($url)
+function whitelist_protocols($url, $protocols)
{
- $parts = parse_url($url);
- $parts['host'] = idn_to_ascii($parts['host']);
-
- $httpUrl = new \http\Url($parts);
- return $httpUrl->toString();
+ if (startsWith($url, '?') || startsWith($url, '/')) {
+ return $url;
+ }
+ $protocols = array_merge(['http', 'https'], $protocols);
+ $protocol = preg_match('#^(\w+):/?/?#', $url, $match);
+ // Protocol not allowed: we remove it and replace it with http
+ if ($protocol === 1 && ! in_array($match[1], $protocols)) {
+ $url = str_replace($match[0], 'http://', $url);
+ } elseif ($protocol !== 1) {
+ $url = 'http://' . $url;
+ }
+ return $url;
}
+
/**
* URL representation and cleanup utilities
*
'utm_',
// ATInternet
- 'xtor='
+ 'xtor=',
+
+ // Other
+ 'campaign_'
);
private static $annoyingFragments = array(
}
$this->parts['query'] = implode('&', $queryParams);
- }
+ }
/**
* Removes undesired fragments
if (! function_exists('idn_to_ascii') || ! isset($this->parts['host'])) {
return $out;
}
- $asciiHost = idn_to_ascii($this->parts['host']);
+ $asciiHost = idn_to_ascii($this->parts['host'], 0, INTL_IDNA_VARIANT_UTS46);
return str_replace($this->parts['host'], $asciiHost, $out);
}
*
* @return string the URL scheme or false if none is provided.
*/
- public function getScheme() {
+ public function getScheme()
+ {
if (!isset($this->parts['scheme'])) {
return false;
}
*
* @return string the URL host or false if none is provided.
*/
- public function getHost() {
+ public function getHost()
+ {
if (empty($this->parts['host'])) {
return false;
}
*
* @return true is HTTP, false otherwise.
*/
- public function isHttp() {
+ public function isHttp()
+ {
return strpos(strtolower($this->parts['scheme']), 'http') !== false;
}
}