Move unsecured GET endpoint handlers before security token check in Module\Contact

[friendica.git] / mod / follow.php

diff --git a/mod/follow.php b/mod/follow.php
index 075e58d091b18181afe36e389d263672fbebe900..09201bed16cab63f3a143da391c8a85a154b3205 100644 (file)
--- a/mod/follow.php
+++ b/mod/follow.php
@@ -60,8 +60,7 @@ function follow_content(App $a)
 
        $uid = local_user();
 
-       // Issue 4815: Silently removing a prefixing @
-       $url = ltrim(Strings::escapeTags(trim($_REQUEST['url'] ?? '')), '@!');
+       $url = Probe::cleanURI(trim($_REQUEST['url'] ?? ''));
 
        // Issue 6874: Allow remote following from Peertube
        if (strpos($url, 'acct:') === 0) {