Added check_domain_blocklist
This commit is contained in:
parent
7d9d22914f
commit
c7e1a8e871
3 changed files with 51 additions and 8 deletions
|
@ -82,6 +82,11 @@ function new_contact($uid,$url,$interactive = false) {
|
|||
return $result;
|
||||
}
|
||||
|
||||
if (! check_domain_blocklist($url)) {
|
||||
$result['message'] = t('Blocked domain');
|
||||
return $result;
|
||||
}
|
||||
|
||||
if (! $url) {
|
||||
$result['message'] = t('Connect URL missing.');
|
||||
return $result;
|
||||
|
|
|
@ -454,13 +454,14 @@ function allowed_url($url) {
|
|||
|
||||
$h = @parse_url($url);
|
||||
|
||||
if(! $h) {
|
||||
if (! $h) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$str_allowed = get_config('system','allowed_sites');
|
||||
if(! $str_allowed)
|
||||
$str_allowed = get_config('system', 'allowed_sites');
|
||||
if (! $str_allowed) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$found = false;
|
||||
|
||||
|
@ -468,16 +469,17 @@ function allowed_url($url) {
|
|||
|
||||
// always allow our own site
|
||||
|
||||
if($host == strtolower($_SERVER['SERVER_NAME']))
|
||||
if ($host == strtolower($_SERVER['SERVER_NAME'])) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$fnmatch = function_exists('fnmatch');
|
||||
$allowed = explode(',',$str_allowed);
|
||||
$allowed = explode(',', $str_allowed);
|
||||
|
||||
if(count($allowed)) {
|
||||
foreach($allowed as $a) {
|
||||
if (count($allowed)) {
|
||||
foreach ($allowed as $a) {
|
||||
$pat = strtolower(trim($a));
|
||||
if(($fnmatch && fnmatch($pat,$host)) || ($pat == $host)) {
|
||||
if (($fnmatch && fnmatch($pat, $host)) || ($pat == $host)) {
|
||||
$found = true;
|
||||
break;
|
||||
}
|
||||
|
@ -486,6 +488,37 @@ function allowed_url($url) {
|
|||
return $found;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if the provided url domain isn't on the domain blacklist.
|
||||
* Return true if the check passed (not on the blacklist), false if not
|
||||
* or malformed URL
|
||||
*
|
||||
* @param string $url The url to check the domain from
|
||||
* @return boolean
|
||||
*/
|
||||
function check_domain_blocklist($url) {
|
||||
$h = @parse_url($url);
|
||||
|
||||
if (! $h) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$domain_blocklist = get_config('system', 'blocklist', array());
|
||||
if (! $domain_blocklist) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$host = strtolower($h['host']);
|
||||
|
||||
foreach ($domain_blocklist as $domain_block) {
|
||||
if (strtolower($domain_block['domain']) == $host) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Check if email address is allowed to register here.
|
||||
*
|
||||
|
|
|
@ -514,6 +514,11 @@ function dfrn_request_post(App $a) {
|
|||
return; // NOTREACHED
|
||||
}
|
||||
|
||||
if (! check_domain_blocklist($url)) {
|
||||
notice( t('Blocked domain') . EOL);
|
||||
goaway(App::get_baseurl() . '/' . $a->cmd);
|
||||
return; // NOTREACHED
|
||||
}
|
||||
|
||||
require_once('include/Scrape.php');
|
||||
|
||||
|
|
Loading…
Reference in a new issue