Permalink
Browse files

Stricter URL checking in JSON fetcher

  • Loading branch information...
1 parent c628477 commit 779a6fda51807d1bd9b28b2cf542c66d6ebb473c @umbrae committed Jun 14, 2011
Showing with 6 additions and 1 deletion.
  1. +6 −1 proxy.php
View
@@ -1,10 +1,15 @@
<?php
-$url = filter_var($_POST['url'], FILTER_VALIDATE_URL);
+$url = filter_var($_POST['url'], FILTER_VALIDATE_URL, FILTER_FLAG_SCHEME_REQUIRED);
+
+if (!$url || !preg_match("/^https?:/i", $url)) {
+ echo '{ "result": "Invalid URL. Please check your URL and try again.", "error": true }';
+}
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$data = curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);

0 comments on commit 779a6fd

Please sign in to comment.