Sanitize the addon author if it is not a valid URL but a handle

pull/10786/head
Michael 2021-10-01 13:25:00 +00:00
rodzic 57ac1e5b92
commit 19d5987c9d
1 zmienionych plików z 7 dodań i 0 usunięć

Wyświetl plik

@ -23,6 +23,7 @@ namespace Friendica\Core;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\Contact;
use Friendica\Util\Strings;
/**
@ -257,6 +258,12 @@ class Addon
if ($type == "author" || $type == "maintainer") {
$r = preg_match("|([^<]+)<([^>]+)>|", $v, $m);
if ($r) {
if (!empty($m[2]) && empty(parse_url($m[2], PHP_URL_SCHEME))) {
$contact = Contact::getByURL($m[2], false);
if (!empty($contact['url'])) {
$m[2] = $contact['url'];
}
}
$info[$type][] = ['name' => $m[1], 'link' => $m[2]];
} else {
$info[$type][] = ['name' => $v];