mirror of
https://github.com/e107inc/e107.git
synced 2025-08-01 20:30:39 +02:00
Allow for valid torrent URLs
This commit is contained in:
@@ -3797,12 +3797,14 @@ class e107
|
||||
}
|
||||
// FIXME - basic security - add url sanitize method to e_parse
|
||||
$check = rawurldecode($requestUri); // urlencoded by default
|
||||
|
||||
// a bit aggressive XSS protection... convert to e.g. htmlentities if you are not a bad guy
|
||||
$checkregx = $no_cbrace ? '[<>\{\}]' : '[<>]';
|
||||
if(preg_match('/'.$checkregx.'/', $check))
|
||||
{
|
||||
header('HTTP/1.1 403 Forbidden');
|
||||
exit;
|
||||
// header('HTTP/1.1 403 Forbidden');
|
||||
$requestUri = filter_var($requestUri, FILTER_SANITIZE_URL);
|
||||
// exit;
|
||||
}
|
||||
|
||||
// e_MENU fix
|
||||
|
Reference in New Issue
Block a user