X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fbookmarklet.php;h=d9c2f52f821d0a449c7a24b116fd0f36358ae4dd;hb=5e60fa8210b502797209de770780d6d7ba81b86c;hp=88097eb91006ba072942641683c4426420ac4586;hpb=762a78661109d28dbc29a15b379b342938b35f40;p=friendica.git

diff --git a/mod/bookmarklet.php b/mod/bookmarklet.php
index 88097eb910..d9c2f52f82 100644
--- a/mod/bookmarklet.php
+++ b/mod/bookmarklet.php
@@ -9,6 +9,7 @@ use Friendica\Core\Config;
 use Friendica\Core\L10n;
 use Friendica\Core\System;
 use Friendica\Module\Login;
+use Friendica\Util\Strings;
 
 require_once 'include/conversation.php';
 require_once 'include/items.php';
@@ -22,14 +23,18 @@ function bookmarklet_content(App $a)
 {
 	if (!local_user()) {
 		$o = '<h2>' . L10n::t('Login') . '</h2>';
-		$o .= Login::form($a->query_string, Config::get('config', 'register_policy') === REGISTER_CLOSED ? false : true);
+		$o .= Login::form($a->query_string, intval(Config::get('config', 'register_policy')) === REGISTER_CLOSED ? false : true);
 		return $o;
 	}
 
-	$referer = normalise_link($_SERVER["HTTP_REFERER"]);
-	$page = normalise_link(System::baseUrl() . "/bookmarklet");
+	$referer = Strings::normaliseLink(defaults($_SERVER, 'HTTP_REFERER', ''));
+	$page = Strings::normaliseLink(System::baseUrl() . "/bookmarklet");
 
 	if (!strstr($referer, $page)) {
+		if (empty($_REQUEST["url"])) {
+			System::httpExit(400, ["title" => L10n::t('Bad Request')]);
+		}
+
 		$content = add_page_info($_REQUEST["url"]);
 
 		$x = [
@@ -43,7 +48,7 @@ function bookmarklet_content(App $a)
 			'bang' => '',
 			'visitor' => 'block',
 			'profile_uid' => local_user(),
-			'title' => trim($_REQUEST["title"], "*"),
+			'title' => trim(defaults($_REQUEST, 'title', ''), "*"),
 			'content' => $content
 		];
 		$o = status_editor($a, $x, 0, false);