diff --git a/src/App/BaseURL.php b/src/App/BaseURL.php index 403030684..cc20343d1 100644 --- a/src/App/BaseURL.php +++ b/src/App/BaseURL.php @@ -127,4 +127,14 @@ class BaseURL extends Uri implements UriInterface $redirectTo = $this->__toString() . '/' . ltrim($toUrl, '/'); System::externalRedirect($redirectTo); } + + public function isLocalUrl(string $url): bool + { + return strpos(Strings::normaliseLink($url), Strings::normaliseLink((string)$this)) === 0; + } + + public function isLocalUri(UriInterface $uri): bool + { + return $this->isLocalUrl((string)$uri); + } } diff --git a/src/Module/ToggleMobile.php b/src/Module/ToggleMobile.php index 2408ef7f3..193f4566c 100644 --- a/src/Module/ToggleMobile.php +++ b/src/Module/ToggleMobile.php @@ -21,32 +21,43 @@ namespace Friendica\Module; +use Friendica\App; use Friendica\BaseModule; -use Friendica\DI; +use Friendica\Core\L10n; +use Friendica\Core\Session\Capability\IHandleSessions; +use Friendica\Core\System; +use Friendica\Network\HTTPException\BadRequestException; +use Friendica\Util; +use GuzzleHttp\Psr7\Uri; +use Psr\Log\LoggerInterface; /** * Toggles the mobile view (on/off) */ class ToggleMobile extends BaseModule { - protected function content(array $request = []): string + /** @var IHandleSessions */ + private $session; + + public function __construct(IHandleSessions $session, L10n $l10n, App\BaseURL $baseUrl, App\Arguments $args, LoggerInterface $logger, Util\Profiler $profiler, Response $response, array $server, array $parameters = []) { - $a = DI::app(); + parent::__construct($l10n, $baseUrl, $args, $logger, $profiler, $response, $server, $parameters); - if (isset($_GET['off'])) { - $_SESSION['show-mobile'] = false; - } else { - $_SESSION['show-mobile'] = true; + $this->session = $session; + } + + protected function rawContent(array $request = []) + { + $address = $request['address'] ?? '' ?: $this->baseUrl; + + $uri = new Uri($address); + + if (!$this->baseUrl->isLocalUri($uri)) { + throw new BadRequestException(); } - if (isset($_GET['address'])) { - $address = $_GET['address']; - } else { - $address = ''; - } + $this->session->set('show-mobile', !isset($request['off'])); - $a->redirect($address); - - return ''; + System::externalRedirect((string)$uri); } } diff --git a/src/Util/Network.php b/src/Util/Network.php index f7ceab543..495510189 100644 --- a/src/Util/Network.php +++ b/src/Util/Network.php @@ -640,10 +640,11 @@ class Network * @param string $url * * @return bool + * @deprecated since 2023.09, please use BaseUrl->isLocalUrl or BaseUrl->isLocalUri instead. */ public static function isLocalLink(string $url): bool { - return (strpos(Strings::normaliseLink($url), Strings::normaliseLink(DI::baseUrl())) !== false); + return DI::baseUrl()->isLocalUrl($url); } /**