]> git.immae.eu Git - github/shaarli/Shaarli.git/blobdiff - index.php
projects / github / shaarli / Shaarli.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge pull request #880 from ArthurHoaro/hotfix/allowed-protocols
[github/shaarli/Shaarli.git] / index.php
diff --git a/index.php b/index.php
index 92eb443ba6310477ed04d831a62c72d03f2bcc3c..823eb8dea7834100f40a3525770ecdce29b2f20f 100644 (file)
--- a/index.php
+++ b/index.php
@@ -1256,13 +1256,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history)
         // Remove duplicates.
         $tags = implode(' ', array_unique(explode(' ', $tags)));
 
-        $url = trim($_POST['lf_url']);
-        if (! startsWith($url, 'http:') && ! startsWith($url, 'https:')
-            && ! startsWith($url, 'ftp:') && ! startsWith($url, 'magnet:')
-            && ! startsWith($url, '?') && ! startsWith($url, 'javascript:')
-        ) {
-            $url = 'http://' . $url;
-        }
+        $url = whitelist_protocols(trim($_POST['lf_url']), $conf->get('security.allowed_protocols'));
 
         $link = array(
             'id' => $id,
The personal, minimalist, super-fast, database free, bookmarking service - community repo