From 392137b433a477b1aeda016e867c26d95fbbe2dd Mon Sep 17 00:00:00 2001
From: Philipp Holzer
Date: Wed, 29 May 2019 20:32:16 +0200
Subject: [PATCH] Adding hexadecimal check for parse_rul see https://github.com/friendica/friendica/issues/6917#issuecomment-475461338
---
 mod/parse_url.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/mod/parse_url.php b/mod/parse_url.php
index 3b2522ab12..f4fb2d06a0 100644
--- a/mod/parse_url.php
+++ b/mod/parse_url.php
@@ -9,12 +9,14 @@
 *
 * @see ParseUrl::getSiteinfo() for more information about scraping embeddable content
 */
+
 use Friendica\App;
 use Friendica\Core\Hook;
 use Friendica\Core\Logger;
 use Friendica\Core\System;
 use Friendica\Util\Network;
 use Friendica\Util\ParseUrl;
+use Friendica\Util\Strings;
 
 function parse_url_content(App $a)
 {
@@ -25,10 +27,13 @@ function parse_url_content(App $a)
 
 $br = "\n";
 
- if (!empty($_GET['binurl'])) {
+ if (!empty($_GET['binurl']) && Strings::isHex($_GET['binurl'])) {
 $url = trim(hex2bin($_GET['binurl']));
- } else {
+ } elseif (!empty($_GET['url'])) {
 $url = trim($_GET['url']);
+ // fallback in case no url is valid
+ } else {
+ $a->internalRedirect();
 }
 
 if (!empty($_GET['title'])) {
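Review bot: Both new conditions in the second hunk test the request parameters with `!empty()` only, so a request that sends `binurl` or `url` as an array still reaches `Strings::isHex()` and `trim()` with a non-string; a type guard closes that, e.g. `if (!empty($_GET['binurl']) && is_string($_GET['binurl']) && Strings::isHex($_GET['binurl'])) {` and `} elseif (!empty($_GET['url']) && is_string($_GET['url'])) {`. The hex check validates the encoding only: the decoded `$url` can still be empty after `trim()` or carry any scheme or host, and since the file header describes this module as scraping embeddable content, the decoded value deserves its own validation before it is fetched; whether that happens later is not visible here, because the body of `parse_url_content()` continues past the hunk. The new `else` branch appears to rely on `$a->internalRedirect()` ending the request, otherwise `$url` is undefined in the code below; if that is not guaranteed, a `return;` after the call would make it explicit. The comment `// fallback in case no url is valid` sits at the end of the `elseif` body and would read better as the first line of the `else` block.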