aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--boot.php2
-rw-r--r--mod/follow.php7
2 files changed, 8 insertions, 1 deletions
diff --git a/boot.php b/boot.php
index 763dfc3fe..1dd539434 100644
--- a/boot.php
+++ b/boot.php
@@ -2,7 +2,7 @@
set_time_limit(0);
-define ( 'FRIENDIKA_VERSION', '2.1.953' );
+define ( 'FRIENDIKA_VERSION', '2.1.954' );
define ( 'DFRN_PROTOCOL_VERSION', '2.21' );
define ( 'DB_UPDATE_VERSION', 1053 );
diff --git a/mod/follow.php b/mod/follow.php
index 23fad81a8..a1412e6c4 100644
--- a/mod/follow.php
+++ b/mod/follow.php
@@ -12,6 +12,13 @@ function follow_post(&$a) {
$url = $orig_url = notags(trim($_POST['url']));
+ if(! allowed_url($url)) {
+ notice( t('Disallowed profile URL.') . EOL);
+ goaway($_SESSION['return_url']);
+ // NOTREACHED
+ }
+
+
$ret = probe_url($url);