mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-10 18:54:08 +02:00
Code Issues Releases Wiki Activity

[ticket/security/211] Make sure website URL only uses http & https schemes

Browse Source 
SECURITY-211
This commit is contained in:
Marc Alexander
2017-07-22 17:26:41 +02:00
parent fa3bdedf7b
commit 882a3c3831
4 changed files with 20 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
tests/profilefields/type_url_test.php
View File

@@ -89,6 +89,19 @@ class phpbb_profilefield_type_url_test extends phpbb_test_case
'FIELD_INVALID_URL-field',
'Field should reject invalid URL having multi value parameters',
),
// Not allowed schemes
array(
'ftp://example.com/',
array(),
'FIELD_INVALID_URL-field',
'Field should reject invalid URL having multi value parameters',
),
array(
'javascript://alert.com',
array(),
'FIELD_INVALID_URL-field',
'Field should reject invalid URL having multi value parameters',
),
// IDN url type profilefields
array(