$uid = local_user();
- // Issue 4815: Silently removing a prefixing @
- $url = ltrim(Strings::escapeTags(trim($_REQUEST['url'] ?? '')), '@!');
+ $url = Probe::cleanURI(trim($_REQUEST['url'] ?? ''));
// Issue 6874: Allow remote following from Peertube
if (strpos($url, 'acct:') === 0) {