[phpwiki-checkins] SF.net SVN: phpwiki:[10015] trunk/lib/stdlib.php

[<var...@us...>]

Revision: 10015
          http://sourceforge.net/p/phpwiki/code/10015
Author:   vargenau
Date:     2017-05-30 12:33:34 +0000 (Tue, 30 May 2017)
Log Message:
-----------
URL for image can be /path/to/image.png

Modified Paths:
--------------
    trunk/lib/stdlib.php

Modified: trunk/lib/stdlib.php
===================================================================
--- trunk/lib/stdlib.php	2017-05-30 09:00:02 UTC (rev 10014)
+++ trunk/lib/stdlib.php	2017-05-30 12:33:34 UTC (rev 10015)
@@ -357,10 +357,13 @@
  */
 function IsSafeURL($url, $http_only = true)
 {
-    if (preg_match('/([<>"])|(%3C)|(%3E)|(%22)/', $url) || (filter_var($url, FILTER_VALIDATE_URL) === false)) {
+    if (preg_match('/([<>"])|(%3C)|(%3E)|(%22)/', $url)) {
         return false;
     }
     if ($http_only) {
+        if (filter_var($url, FILTER_VALIDATE_URL) === false) {
+            return false;
+        }
         $scheme = parse_url($url, PHP_URL_SCHEME);
         return ($scheme == 'http') || ($scheme == 'https');
     } else {

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.