X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FUtil%2FNetwork.php;h=495510189f1a2a849f61d69ce9aacbc283750b3d;hb=e1863951986ba5be173758324a00652bc5af870c;hp=b7954d8e4de8d75b174276eb906d42b15d29f4ac;hpb=360614d2cf3aceeb763ef1281ad5236878f5d735;p=friendica.git

diff --git a/src/Util/Network.php b/src/Util/Network.php
index b7954d8e4d..495510189f 100644
--- a/src/Util/Network.php
+++ b/src/Util/Network.php
@@ -29,6 +29,7 @@ use Friendica\Network\HTTPClient\Client\HttpClientAccept;
 use Friendica\Network\HTTPClient\Client\HttpClientOptions;
 use Friendica\Network\HTTPException\NotModifiedException;
 use GuzzleHttp\Psr7\Uri;
+use Psr\Http\Message\UriInterface;
 
 class Network
 {
@@ -78,11 +79,19 @@ class Network
 
 		if (in_array(parse_url($url, PHP_URL_SCHEME), ['https', 'http'])) {
 			$options = [HttpClientOptions::VERIFY => true, HttpClientOptions::TIMEOUT => $xrd_timeout];
-			$curlResult = DI::httpClient()->head($url, $options);
+			try {
+				$curlResult = DI::httpClient()->head($url, $options);
+			} catch (\Exception $e) {
+				return false;
+			}
 
 			// Workaround for systems that can't handle a HEAD request. Don't retry on timeouts.
 			if (!$curlResult->isSuccess() && ($curlResult->getReturnCode() >= 400) && !in_array($curlResult->getReturnCode(), [408, 504])) {
-				$curlResult = DI::httpClient()->get($url, HttpClientAccept::DEFAULT, $options);
+				try {
+					$curlResult = DI::httpClient()->get($url, HttpClientAccept::DEFAULT, $options);
+				} catch (\Exception $e) {
+					return false;
+				}
 			}
 
 			if (!$curlResult->isSuccess()) {
@@ -177,11 +186,28 @@ class Network
 	 * @param string $url The url to check the domain from
 	 *
 	 * @return boolean
+	 *
+	 * @deprecated since 2023.03 Use isUriBlocked instead
 	 */
 	public static function isUrlBlocked(string $url): bool
 	{
-		$host = @parse_url($url, PHP_URL_HOST);
-		if (!$host) {
+		try {
+			return self::isUriBlocked(new Uri($url));
+		} catch (\Throwable $e) {
+			Logger::warning('Invalid URL', ['url' => $url]);
+			return false;
+		}
+	}
+
+	/**
+	 * Checks if the provided URI domain is on the domain blocklist.
+	 *
+	 * @param UriInterface $uri
+	 * @return boolean
+	 */
+	public static function isUriBlocked(UriInterface $uri): bool
+	{
+		if (!$uri->getHost()) {
 			return false;
 		}
 
@@ -191,7 +217,7 @@ class Network
 		}
 
 		foreach ($domain_blocklist as $domain_block) {
-			if (fnmatch(strtolower($domain_block['domain']), strtolower($host))) {
+			if (fnmatch(strtolower($domain_block['domain']), strtolower($uri->getHost()))) {
 				return true;
 			}
 		}
@@ -331,7 +357,7 @@ class Network
 						$pair = $param . '=' . str_replace(' ', '+', $value);
 						$url = str_replace($pair, '', $url);
 
-						// Third try: Maybey the url isn't encoded at all
+						// Third try: Maybe the url isn't encoded at all
 						$pair = $param . '=' . $value;
 						$url = str_replace($pair, '', $url);
 
@@ -358,6 +384,7 @@ class Network
 	 */
 	public static function addBasePath(string $url, string $basepath): string
 	{
+		$url = trim($url);
 		if (!empty(parse_url($url, PHP_URL_SCHEME)) || empty(parse_url($basepath, PHP_URL_SCHEME)) || empty($url) || empty(parse_url($url))) {
 			return $url;
 		}
@@ -613,10 +640,11 @@ class Network
 	 * @param string $url
 	 *
 	 * @return bool
+	 * @deprecated since 2023.09, please use BaseUrl->isLocalUrl or BaseUrl->isLocalUri instead.
 	 */
 	public static function isLocalLink(string $url): bool
 	{
-		return (strpos(Strings::normaliseLink($url), Strings::normaliseLink(DI::baseUrl())) !== false);
+		return DI::baseUrl()->isLocalUrl($url);
 	}
 
 	/**