Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
BBC scheme checks for specific schemes #5338
In SMF 2.0 and 1.1 we did stuff like this to validate specifics in bbc such as ftp
In SMF 2.1 we are doing this:
While parse_url is better check, we dropped the specifics in things like the ftp bbc to ensure it is only ftp:// or ftps:// links being used. This means we could use http:// or https:// links in a ftp link. Even file:// would be valid.
I see this being relevant for img, url and iurl bbc methods as well.
Steps to reproduce
Environment (complete as necessary)
The old changes where Introduced in SMF 1.1.11 with the change log note: ! Double check the sanity of URL's in parse_bbc. (Subs.php)
This seems to me like the correct behaviour. In the [url], [iurl], and [img] BBCodes, we shouldn't impose artificial limits on the protocol schemes of the URLs that people choose to post. If someone wants to post a link with any arbitrary scheme, it's not our place to say that they can't.
In the case of [ftp] in particular, that legacy BBCode is nothing more than an alias of [url], with the exception that it will automatically append an