From 0b06fbda62ab59003ab7af52dc702e47c7a8f419 Mon Sep 17 00:00:00 2001
From: Cameron
Date: Tue, 9 Aug 2016 11:07:49 -0700
Subject: [PATCH] Allow for valid torrent URLs
---
 e107_handlers/e107_class.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/e107_handlers/e107_class.php b/e107_handlers/e107_class.php
index d117a3daa..a3d9a2879 100644
--- a/e107_handlers/e107_class.php
+++ b/e107_handlers/e107_class.php
@@ -3797,12 +3797,14 @@ class e107
 }
 // FIXME - basic security - add url sanitize method to e_parse
 $check = rawurldecode($requestUri); // urlencoded by default
+
 // a bit aggressive XSS protection... convert to e.g. htmlentities if you are not a bad guy
 $checkregx = $no_cbrace ? '[<>\{\}]' : '[<>]';
 if(preg_match('/'.$checkregx.'/', $check))
 {
- header('HTTP/1.1 403 Forbidden');
- exit;
+ // header('HTTP/1.1 403 Forbidden');
+ $requestUri = filter_var($requestUri, FILTER_SANITIZE_URL);
+ // exit;
 }
 // e_MENU fix
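Review bot: The `filter_var($requestUri, FILTER_SANITIZE_URL)` call that replaces the 403 does not remove what the regex just matched, because that filter's allowed character set includes `<`, `>`, `{` and `}`. It is also applied to the still-encoded `$requestUri`, while the test ran on the decoded `$check`, so percent-encoded angle brackets pass through unchanged and the guard appears to be effectively disabled. If the intent is only to stop rejecting legitimate torrent URLs, narrow `$checkregx` to the characters that must still be refused and keep `header('HTTP/1.1 403 Forbidden'); exit;` for those. Whatever later prints the URI should also escape it with `htmlspecialchars($requestUri, ENT_QUOTES, 'UTF-8')`. The commented-out `header`/`exit` lines should be deleted rather than left behind; the enclosing method starts and ends outside this hunk, so later uses of `$requestUri` are not visible here.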