Security: Use htmlspecialchars() for user input in Arguments class

[friendica.git] / src / Security / ExAuth.php

diff --git a/src/Security/ExAuth.php b/src/Security/ExAuth.php
index a402218f5662890c5bea84cbd9907695254b29d9..602acb0cb1bf72fd33dfc912d7f8b30dc1108d38 100644 (file)
--- a/src/Security/ExAuth.php
+++ b/src/Security/ExAuth.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2010-2022, the Friendica project
+ * @copyright Copyright (C) 2010-2023, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -57,6 +57,7 @@ use Friendica\Core\PConfig\Capability\IManagePersonalConfigValues;
 use Friendica\Database\Database;
 use Friendica\DI;
 use Friendica\Model\User;
+use Friendica\Network\HTTPClient\Client\HttpClientAccept;
 use Friendica\Network\HTTPException;
 use Friendica\Util\PidFile;
 
@@ -239,7 +240,7 @@ class ExAuth
 
                $url = ($ssl ? 'https' : 'http') . '://' . $host . '/noscrape/' . $user;
 
-               $curlResult = DI::httpClient()->get($url);
+               $curlResult = DI::httpClient()->get($url, HttpClientAccept::JSON);
 
                if (!$curlResult->isSuccess()) {
                        return false;