Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fix issue #214 by ensuring we handle invalid URIs

Also closes #228, but doesn't fix the base problem where paths starting
with // aren't parsed by SimplePie_IRI.
  • Loading branch information...
commit 267e39654206e28e252ed4bdb93f2290a61f824e 1 parent bc3ae79
Ryan McCue rmccue authored
15 library/SimplePie/Locator.php
View
@@ -180,7 +180,12 @@ public function get_base()
{
if ($element->hasAttribute('href'))
{
- $this->base = $this->registry->call('Misc', 'absolutize_url', array(trim($element->getAttribute('href')), $this->http_base));
+ $base = $this->registry->call('Misc', 'absolutize_url', array(trim($element->getAttribute('href')), $this->http_base));
+ if ($base === false)
+ {
+ continue;
+ }
+ $this->base = $base;
$this->base_location = method_exists($element, 'getLineNo') ? $element->getLineNo() : 0;
break;
}
@@ -232,6 +237,10 @@ protected function search_elements_by_tag($name, &$done, $feeds)
{
$href = $this->registry->call('Misc', 'absolutize_url', array(trim($link->getAttribute('href')), $this->http_base));
}
+ if ($href === false)
+ {
+ continue;
+ }
if (!in_array($href, $done) && in_array('feed', $rel) || (in_array('alternate', $rel) && !in_array('stylesheet', $rel) && $link->hasAttribute('type') && in_array(strtolower($this->registry->call('Misc', 'parse_mime', array($link->getAttribute('type')))), array('application/rss+xml', 'application/atom+xml'))) && !isset($feeds[$href]))
{
@@ -276,6 +285,10 @@ public function get_links()
{
$href = $this->registry->call('Misc', 'absolutize_url', array(trim($link->getAttribute('href')), $this->http_base));
}
+ if ($href === false)
+ {
+ continue;
+ }
$current = $this->registry->call('Misc', 'parse_url', array($this->file->url));
4 library/SimplePie/Misc.php
View
@@ -80,6 +80,10 @@ public static function time_hms($seconds)
public static function absolutize_url($relative, $base)
{
$iri = SimplePie_IRI::absolutize(new SimplePie_IRI($base), $relative);
+ if ($iri === false)
+ {
+ return false;
+ }
return $iri->get_uri();
}
8 library/SimplePie/Parser.php
View
@@ -278,8 +278,12 @@ public function tag_open($parser, $tag, $attributes)
if (isset($attribs[SIMPLEPIE_NAMESPACE_XML]['base']))
{
- $this->xml_base[] = $this->registry->call('Misc', 'absolutize_url', array($attribs[SIMPLEPIE_NAMESPACE_XML]['base'], end($this->xml_base)));
- $this->xml_base_explicit[] = true;
+ $base = $this->registry->call('Misc', 'absolutize_url', array($attribs[SIMPLEPIE_NAMESPACE_XML]['base'], end($this->xml_base)));
+ if ($base !== false)
+ {
+ $this->xml_base[] = $base;
+ $this->xml_base_explicit[] = true;
+ }
}
else
{
11 library/SimplePie/Sanitize.php
View
@@ -356,7 +356,11 @@ public function sanitize($data, $type, $base = '')
if ($type & SIMPLEPIE_CONSTRUCT_IRI)
{
- $data = $this->registry->call('Misc', 'absolutize_url', array($data, $base));
+ $absolute = $this->registry->call('Misc', 'absolutize_url', array($data, $base));
+ if ($absolute !== false)
+ {
+ $data = $absolute;
+ }
}
if ($type & (SIMPLEPIE_CONSTRUCT_TEXT | SIMPLEPIE_CONSTRUCT_IRI))
@@ -412,7 +416,10 @@ public function replace_urls($document, $tag, $attributes)
if ($element->hasAttribute($attribute))
{
$value = $this->registry->call('Misc', 'absolutize_url', array($element->getAttribute($attribute), $this->base));
- $element->setAttribute($attribute, $value);
+ if ($value !== false)
+ {
+ $element->setAttribute($attribute, $value);
+ }
}
}
}
Please sign in to comment.
Something went wrong with that request. Please try again.