diff options
author | zotlabs <mike@macgirvin.com> | 2018-08-11 16:16:54 -0700 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2018-08-11 16:16:54 -0700 |
commit | 5afe779ffc69bc5889a83a6fcbc4bcefc7c40a5c (patch) | |
tree | c3db7397b580a709be1a641cfd3605ec0f1e068d /include | |
parent | 1d13cc1601eb6e4a127d975465fda32d92c402a1 (diff) | |
download | volse-hubzilla-5afe779ffc69bc5889a83a6fcbc4bcefc7c40a5c.tar.gz volse-hubzilla-5afe779ffc69bc5889a83a6fcbc4bcefc7c40a5c.tar.bz2 volse-hubzilla-5afe779ffc69bc5889a83a6fcbc4bcefc7c40a5c.zip |
prevent json-ld bombing, turn off browser autocomplete on channel sources creation
Diffstat (limited to 'include')
-rw-r--r-- | include/network.php | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/include/network.php b/include/network.php index 6961bf0ba..d4f4f27c6 100644 --- a/include/network.php +++ b/include/network.php @@ -2042,6 +2042,22 @@ function jsonld_document_loader($url) { require_once('library/jsonld/jsonld.php'); + $recursion = 0; + + $x = debug_backtrace(); + if($x) { + foreach($x as $n) { + if($n['function'] === __FUNCTION__) { + $recursion ++; + } + } + } + if($recursion > 5) { + logger('jsonld bomb detected at: ' . $url); + killme(); + } + + $cachepath = 'store/[data]/ldcache'; if(! is_dir($cachepath)) os_mkdir($cachepath, STORAGE_DEFAULT_PERMISSIONS, true); |