Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

added scheme checks in embed.php #1037

Merged
merged 12 commits into from Jan 28, 2023
Merged

added scheme checks in embed.php #1037

merged 12 commits into from Jan 28, 2023

Conversation

PeanutNL
Copy link
Contributor

Follow up on #1036
Added checks on the urls on the embeds

@PeanutNL
added scheme checks
049e995 
added scheme checks on the embeds
@PeanutNL
replaced preg_match
18c65f4 
Replaced preg_match to filter_var and parse_url
@PeanutNL
Copy link
Contributor Author

Replaced the preg_match checks!

Used filter_var to make sure its an URL.
used parse_url to make sure it has a correct scheme.

key2peace
key2peace previously approved these changes Jan 12, 2023
View reviewed changes
@key2peace
Update Embed.php
4c9ad5a 
moved url checking into a protected function checkUrl and removed the need for filter_var/parse_url
@key2peace
Update Embed.php
ff538db
@key2peace
Update Embed.php
39a2844
@key2peace
rework
63fcecc 
- move url checks to protected function, allowing to define the supported url schemes
- provide Attachment support where it was missing
- replace parse_url with strstr
- trim some fat
@key2peace
casting updates
5e0cdf3
@key2peace
parse_url is back
49eba83 
since we do proper checks on the $url before we pass it to parse_url, there is no security issue, despite codacy telling you otherwise.
@key2peace
Update Embed.php
59890a9
key2peace
key2peace previously approved these changes Jan 20, 2023
View reviewed changes
Exanlv
Exanlv requested changes Jan 23, 2023
View reviewed changes
src/Discord/Parts/Embed/Embed.php Outdated Show resolved Hide resolved
src/Discord/Parts/Embed/Embed.php Outdated Show resolved Hide resolved
src/Discord/Parts/Embed/Embed.php Outdated Show resolved Hide resolved
src/Discord/Parts/Embed/Embed.php Outdated Show resolved Hide resolved
Exanlv
Exanlv previously approved these changes Jan 23, 2023
View reviewed changes
@key2peace key2peace merged commit 60b27da into discord-php:master Jan 28, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@key2peace key2peace key2peace approved these changes

@Exanlv Exanlv Exanlv left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@PeanutNL @key2peace @Exanlv