follow requests most adhere to site allow policy

author Friendika <info@friendika.com>

Tue, 19 Apr 2011 23:31:39 +0000 (16:31 -0700)

committer Friendika <info@friendika.com>

Tue, 19 Apr 2011 23:31:39 +0000 (16:31 -0700)
author Friendika <info@friendika.com>
Tue, 19 Apr 2011 23:31:39 +0000 (16:31 -0700)
committer Friendika <info@friendika.com>
Tue, 19 Apr 2011 23:31:39 +0000 (16:31 -0700)
diff --git a/boot.php b/boot.php

index 763dfc3fe80fd9264aaafeafef95a2342ee427cf..1dd5394341d69b0fd952869a94586ca82457e06b 100644 (file)
--- a/boot.php
+++ b/boot.php
@@ -2,7 +2,7 @@
  
  set_time_limit(0);
  
-define ( 'FRIENDIKA_VERSION',      '2.1.953' );
+define ( 'FRIENDIKA_VERSION',      '2.1.954' );
  define ( 'DFRN_PROTOCOL_VERSION',  '2.21'    );
  define ( 'DB_UPDATE_VERSION',      1053      );
  
diff --git a/mod/follow.php b/mod/follow.php

index 23fad81a89966bdab9e97ee224f153091dff0a31..a1412e6c4e097584b22147a85e03765143d666be 100644 (file)
--- a/mod/follow.php
+++ b/mod/follow.php
@@ -12,6 +12,13 @@ function follow_post(&$a) {
  
         $url = $orig_url = notags(trim($_POST['url']));
  
+       if(! allowed_url($url)) {
+               notice( t('Disallowed profile URL.') . EOL);
+               goaway($_SESSION['return_url']);
+               // NOTREACHED
+       }
+
+
         $ret = probe_url($url);
author	Friendika <info@friendika.com>
	Tue, 19 Apr 2011 23:31:39 +0000 (16:31 -0700)
committer	Friendika <info@friendika.com>
	Tue, 19 Apr 2011 23:31:39 +0000 (16:31 -0700)
boot.php		patch \| blob \| history
mod/follow.php		patch \| blob \| history