aboutsummaryrefslogtreecommitdiffstats
path: root/mod/dfrn_request.php
diff options
context:
space:
mode:
authorMike Macgirvin <mike@macgirvin.com>2010-09-13 17:12:54 -0700
committerMike Macgirvin <mike@macgirvin.com>2010-09-13 17:12:54 -0700
commit38fde6672eb3d46b8b154ba2f22df99f91f64852 (patch)
tree2b66ef1aa3d6575a124e0b3cdad9c2a3042d0444 /mod/dfrn_request.php
parent2c96ad77396b0df2be481c4f90cc61ebaa83bc75 (diff)
downloadvolse-hubzilla-38fde6672eb3d46b8b154ba2f22df99f91f64852.tar.gz
volse-hubzilla-38fde6672eb3d46b8b154ba2f22df99f91f64852.tar.bz2
volse-hubzilla-38fde6672eb3d46b8b154ba2f22df99f91f64852.zip
provide allow list of friend sites for education/corporate environments,
pattern matchable
Diffstat (limited to 'mod/dfrn_request.php')
-rw-r--r--mod/dfrn_request.php11
1 files changed, 9 insertions, 2 deletions
diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php
index 617d4b2d8..a22492fe6 100644
--- a/mod/dfrn_request.php
+++ b/mod/dfrn_request.php
@@ -134,7 +134,7 @@ function dfrn_request_post(&$a) {
// invalid/bogus request
- notice( t("Unrecoverable protocol error.") . EOL );
+ notice( t('Unrecoverable protocol error.') . EOL );
goaway($a->get_baseurl());
return; // NOTREACHED
}
@@ -219,7 +219,14 @@ function dfrn_request_post(&$a) {
goaway($a->get_baseurl() . '/' . $a->cmd);
return; // NOTREACHED
}
+
+ if(! allowed_url($url)) {
+ notice( t('Disallowed profile URL.') . EOL);
+ goaway($a->get_baseurl() . '/' . $a->cmd);
+ return; // NOTREACHED
+ }
+
require_once('Scrape.php');
$parms = scrape_dfrn($url);
@@ -301,7 +308,7 @@ function dfrn_request_post(&$a) {
// This notice will only be seen by the requestor if the requestor and requestee are on the same server.
if(! $failed)
- notice( t("Your introduction has been sent.") . EOL );
+ notice( t('Your introduction has been sent.') . EOL );
// "Homecoming" - send the requestor back to their site to record the introduction.