From fc7d2a0bf271e43a9e6001dccef61ec0762eb840 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Wed, 17 Sep 2014 14:21:56 +0200
Subject: Move http referer test into lib_rss

Rename method (coding style)
Change in app/FreshRSS.php
Improve test of app/install.php
---
 lib/lib_rss.php | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'lib/lib_rss.php')

diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index 823f53716..31c9cdbc1 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -230,3 +230,17 @@ function cryptAvailable() {
 	}
 	return false;
 }
+
+function is_referer_from_same_domain() {
+	if (empty($_SERVER['HTTP_REFERER'])) {
+		return false;
+	}
+	$host = parse_url(((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') ? 'https://' : 'http://') .
+		(empty($_SERVER['HTTP_HOST']) ? $_SERVER['SERVER_NAME'] : $_SERVER['HTTP_HOST']));
+	$referer = parse_url($_SERVER['HTTP_REFERER']);
+	if (empty($host['scheme']) || empty($referer['scheme']) || $host['scheme'] !== $referer['scheme'] ||
+	    empty($host['host']) || empty($referer['host']) || $host['host'] !== $referer['host']) {
+		return false;
+	}
+	return (isset($host['port']) ? $host['port'] : 0) === (isset($referer['port']) ? $referer['port'] : 0);
+}
-- 
cgit v1.2.3