Sanitize Web site URL

https://github.com/FreshRSS/FreshRSS/issues/1434
author: Alexandre Alapetite <alexandre@alapetite.fr> 2017-02-25 11:51:54 +0100
committer: Alexandre Alapetite <alexandre@alapetite.fr> 2017-02-25 11:51:54 +0100
commit: 8a6b38115456f592c8a246f9abbb84f4449721c0 (patch)
tree: 120cdc14b22d2798ce97f6f086b74becb42b5715 /app/Controllers/subscriptionController.php
parent: b8ac2b1d8ab47642018bd3f0fe6863b69a2743d6 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/app/Controllers/subscriptionController.php b/app/Controllers/subscriptionController.php
index 03d3ee15e..aa9f18663 100644
--- a/app/Controllers/subscriptionController.php
+++ b/app/Controllers/subscriptionController.php
@@ -90,8 +90,8 @@ class FreshRSS_subscription_Controller extends Minz_ActionController {
 			$values = array(
 				'name' => Minz_Request::param('name', ''),
 				'description' => sanitizeHTML(Minz_Request::param('description', '', true)),
-				'website' => Minz_Request::param('website', ''),
-				'url' => Minz_Request::param('url', ''),
+				'website' => checkUrl(Minz_Request::param('website', '')),
+				'url' => checkUrl(Minz_Request::param('url', '')),
 				'category' => $cat,
 				'pathEntries' => Minz_Request::param('path_entries', ''),
 				'priority' => intval(Minz_Request::param('priority', 0)),
author	Alexandre Alapetite <alexandre@alapetite.fr>	2017-02-25 11:51:54 +0100
committer	Alexandre Alapetite <alexandre@alapetite.fr>	2017-02-25 11:51:54 +0100
commit	8a6b38115456f592c8a246f9abbb84f4449721c0 (patch)
tree	120cdc14b22d2798ce97f6f086b74becb42b5715 /app/Controllers/subscriptionController.php
parent	b8ac2b1d8ab47642018bd3f0fe6863b69a2743d6 (diff)