aboutsummaryrefslogtreecommitdiffhomepage
path: root/index.php
diff options
context:
space:
mode:
Diffstat (limited to 'index.php')
-rw-r--r--index.php8
1 files changed, 1 insertions, 7 deletions
diff --git a/index.php b/index.php
index cb0afbd0..2ff2505a 100644
--- a/index.php
+++ b/index.php
@@ -1256,13 +1256,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history)
1256 // Remove duplicates. 1256 // Remove duplicates.
1257 $tags = implode(' ', array_unique(explode(' ', $tags))); 1257 $tags = implode(' ', array_unique(explode(' ', $tags)));
1258 1258
1259 $url = trim($_POST['lf_url']); 1259 $url = whitelist_protocols(trim($_POST['lf_url']), $conf->get('security.allowed_protocols'));
1260 if (! startsWith($url, 'http:') && ! startsWith($url, 'https:')
1261 && ! startsWith($url, 'ftp:') && ! startsWith($url, 'magnet:')
1262 && ! startsWith($url, '?') && ! startsWith($url, 'javascript:')
1263 ) {
1264 $url = 'http://' . $url;
1265 }
1266 1260
1267 $link = array( 1261 $link = array(
1268 'id' => $id, 1262 'id' => $id,
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 14:27:31 +0000