diff options
Diffstat (limited to 'mod')
-rw-r--r-- | mod/dfrn_request.php | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index 617d4b2d8..a22492fe6 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -134,7 +134,7 @@ function dfrn_request_post(&$a) { // invalid/bogus request - notice( t("Unrecoverable protocol error.") . EOL ); + notice( t('Unrecoverable protocol error.') . EOL ); goaway($a->get_baseurl()); return; // NOTREACHED } @@ -219,7 +219,14 @@ function dfrn_request_post(&$a) { goaway($a->get_baseurl() . '/' . $a->cmd); return; // NOTREACHED } + + if(! allowed_url($url)) { + notice( t('Disallowed profile URL.') . EOL); + goaway($a->get_baseurl() . '/' . $a->cmd); + return; // NOTREACHED + } + require_once('Scrape.php'); $parms = scrape_dfrn($url); @@ -301,7 +308,7 @@ function dfrn_request_post(&$a) { // This notice will only be seen by the requestor if the requestor and requestee are on the same server. if(! $failed) - notice( t("Your introduction has been sent.") . EOL ); + notice( t('Your introduction has been sent.') . EOL ); // "Homecoming" - send the requestor back to their site to record the introduction. |