diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2024-09-22 11:05:06 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2024-09-22 11:05:06 +0200 |
| commit | 1c09408c6459eb8d719d94ba593edfa44883cb85 (patch) | |
| tree | 67e8e8e464c2f491aae2a5c16bb8ee46bcb2b41b /app/Controllers/feedController.php | |
| parent | c599ff4e4b09274f23369706e92b5040aa182038 (diff) | |
Fix HTML encodings in e.g. cURL options (#6821)
* Fix HTML encodings in e.g. cURL options
* Trim headers whitespace
Diffstat (limited to 'app/Controllers/feedController.php')
| -rwxr-xr-x | app/Controllers/feedController.php | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php index c2d25821d..105099966 100755 --- a/app/Controllers/feedController.php +++ b/app/Controllers/feedController.php @@ -170,15 +170,15 @@ class FreshRSS_feed_Controller extends FreshRSS_ActionController { $http_auth = $user . ':' . $pass; } - $cookie = Minz_Request::paramString('curl_params_cookie'); + $cookie = Minz_Request::paramString('curl_params_cookie', plaintext: true); $cookie_file = Minz_Request::paramBoolean('curl_params_cookiefile'); $max_redirs = Minz_Request::paramInt('curl_params_redirects'); - $useragent = Minz_Request::paramString('curl_params_useragent'); - $proxy_address = Minz_Request::paramString('curl_params'); - $proxy_type = Minz_Request::paramString('proxy_type'); - $request_method = Minz_Request::paramString('curl_method'); - $request_fields = Minz_Request::paramString('curl_fields', true); - $headers = Minz_Request::paramTextToArray('http_headers'); + $useragent = Minz_Request::paramString('curl_params_useragent', plaintext: true); + $proxy_address = Minz_Request::paramString('curl_params', plaintext: true); + $proxy_type = Minz_Request::paramString('proxy_type', plaintext: true); + $request_method = Minz_Request::paramString('curl_method', plaintext: true); + $request_fields = Minz_Request::paramString('curl_fields', plaintext: true); + $headers = Minz_Request::paramTextToArray('http_headers', plaintext: true); $opts = []; if ($proxy_type !== '') { @@ -210,6 +210,7 @@ class FreshRSS_feed_Controller extends FreshRSS_ActionController { } } if(!empty($headers)) { + $headers = array_filter(array_map('trim', $headers)); $opts[CURLOPT_HTTPHEADER] = array_merge($headers, $opts[CURLOPT_HTTPHEADER] ?? []); } |