aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--app/Models/ConfigurationSetter.php2
-rw-r--r--app/Models/Feed.php4
-rw-r--r--lib/favicons.php15
-rw-r--r--lib/lib_rss.php12
4 files changed, 19 insertions, 14 deletions
diff --git a/app/Models/ConfigurationSetter.php b/app/Models/ConfigurationSetter.php
index e6bcec54c..1d4b7f667 100644
--- a/app/Models/ConfigurationSetter.php
+++ b/app/Models/ConfigurationSetter.php
@@ -118,7 +118,7 @@ class FreshRSS_ConfigurationSetter {
// Verify URL and add default value when needed
if (isset($value['url'])) {
- $is_url = filter_var($value['url'], FILTER_VALIDATE_URL);
+ $is_url = checkUrl($value['url']);
if (!$is_url) {
continue;
}
diff --git a/app/Models/Feed.php b/app/Models/Feed.php
index a681345d4..7811d05b2 100644
--- a/app/Models/Feed.php
+++ b/app/Models/Feed.php
@@ -188,7 +188,7 @@ class FreshRSS_Feed extends Minz_Model {
if ($validate) {
$value = checkUrl($value);
}
- if (empty($value)) {
+ if ($value == '') {
throw new FreshRSS_BadUrl_Exception($value);
}
$this->url = $value;
@@ -204,7 +204,7 @@ class FreshRSS_Feed extends Minz_Model {
if ($validate) {
$value = checkUrl($value);
}
- if (empty($value)) {
+ if ($value == '') {
$value = '';
}
$this->website = $value;
diff --git a/lib/favicons.php b/lib/favicons.php
index 6cb3d373e..fd03f61c8 100644
--- a/lib/favicons.php
+++ b/lib/favicons.php
@@ -23,10 +23,8 @@ function isImgMime($content) {
function downloadHttp(&$url, $curlOptions = array()) {
syslog(LOG_INFO, 'FreshRSS Favicon GET ' . $url);
- if (substr($url, 0, 2) === '//') {
- $url = 'https:' . $url;
- }
- if ($url == '' || filter_var($url, FILTER_VALIDATE_URL) === false) {
+ $url = checkUrl($url);
+ if (!$url) {
return '';
}
$ch = curl_init($url);
@@ -42,8 +40,11 @@ function downloadHttp(&$url, $curlOptions = array()) {
$response = curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);
- if (!empty($info['url']) && (filter_var($info['url'], FILTER_VALIDATE_URL) !== false)) {
- $url = $info['url']; //Possible redirect
+ if (!empty($info['url'])) {
+ $url2 = checkUrl($info['url']);
+ if ($url2 != '') {
+ $url = $url2; //Possible redirect
+ }
}
return $info['http_code'] == 200 ? $response : '';
}
@@ -67,7 +68,7 @@ function searchFavicon(&$url) {
$href = 'https:' . $href;
}
}
- if (filter_var($href, FILTER_VALIDATE_URL) === false) {
+ if (!checkUrl($href, false)) {
$href = SimplePie_IRI::absolutize($url, $href);
}
$favicon = downloadHttp($href, array(
diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index 52c986433..8a58d2124 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -74,15 +74,19 @@ function idn_to_puny($url) {
return $url;
}
-function checkUrl($url) {
+function checkUrl($url, $fixScheme = true) {
+ $url = trim($url);
if ($url == '') {
return '';
}
- if (!preg_match('#^https?://#i', $url)) {
- $url = 'http://' . $url;
+ if ($fixScheme && !preg_match('#^https?://#i', $url)) {
+ $url = 'https://' . ltrim($url, '/');
}
+
$url = idn_to_puny($url); //PHP bug #53474 IDN
- if (filter_var($url, FILTER_VALIDATE_URL)) {
+ $urlRelaxed = str_replace('_', 'z', $url); //PHP discussion #64948 Underscore
+
+ if (filter_var($urlRelaxed, FILTER_VALIDATE_URL)) {
return $url;
} else {
return false;
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-10 10:30:51 +0000