Improve URL filtering in url.php

Signed-off-by: Michal Čihař <michal@cihar.com>

libraries/core.lib.php

@@ -845,6 +845,10 @@ function PMA_linkURL($url)
 function PMA_isAllowedDomain($url)
 {
     $arr = parse_url($url);
+    // Avoid URLs without hostname or with credentials
+    if (empty($arr['host']) || ! empty($arr['user']) || ! empty($arr['pass'])) {
+        return false;
+    }
     $domain = $arr["host"];
     $domainWhiteList = array(
         /* Include current domain */