aboutsummaryrefslogtreecommitdiffstats
path: root/mod/dfrn_request.php
diff options
context:
space:
mode:
Diffstat (limited to 'mod/dfrn_request.php')
-rw-r--r--mod/dfrn_request.php11
1 files changed, 9 insertions, 2 deletions
diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php
index 617d4b2d8..a22492fe6 100644
--- a/mod/dfrn_request.php
+++ b/mod/dfrn_request.php
@@ -134,7 +134,7 @@ function dfrn_request_post(&$a) {
// invalid/bogus request
- notice( t("Unrecoverable protocol error.") . EOL );
+ notice( t('Unrecoverable protocol error.') . EOL );
goaway($a->get_baseurl());
return; // NOTREACHED
}
@@ -219,7 +219,14 @@ function dfrn_request_post(&$a) {
goaway($a->get_baseurl() . '/' . $a->cmd);
return; // NOTREACHED
}
+
+ if(! allowed_url($url)) {
+ notice( t('Disallowed profile URL.') . EOL);
+ goaway($a->get_baseurl() . '/' . $a->cmd);
+ return; // NOTREACHED
+ }
+
require_once('Scrape.php');
$parms = scrape_dfrn($url);
@@ -301,7 +308,7 @@ function dfrn_request_post(&$a) {
// This notice will only be seen by the requestor if the requestor and requestee are on the same server.
if(! $failed)
- notice( t("Your introduction has been sent.") . EOL );
+ notice( t('Your introduction has been sent.') . EOL );
// "Homecoming" - send the requestor back to their site to record the introduction.
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-10 00:00:23 +0000