
Added check_domain_blocklist

pull/3392/head
Hypolite Petovan 3 years ago
parent
commit
c7e1a8e871
3 changed files with 51 additions and 8 deletions
  1. +5
    -0
      include/follow.php
  2. +41
    -8
      include/network.php
  3. +5
    -0
      mod/dfrn_request.php

+ 5
- 0
include/follow.php

@ -82,6 +82,11 @@ function new_contact($uid,$url,$interactive = false) {
return $result;
}
if (! check_domain_blocklist($url)) {
$result['message'] = t('Blocked domain');
return $result;
}
if (! $url) {
$result['message'] = t('Connect URL missing.');
return $result;
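Review bot: The blocklist test in new_contact() runs on the raw `$url` argument, before the `if (! $url)` check and before any normalisation, so it only covers the string the caller supplied. If the rest of new_contact() (outside this hunk) resolves that input to a different profile URL, the resolved host is never compared against the blocklist; I would repeat `check_domain_blocklist()` on the resolved URL once it is known. Because check_domain_blocklist() returns false when parse_url() fails, a malformed value is also reported here as `Blocked domain` rather than as an invalid URL. The same two points apply to the check added in dfrn_request_post() in mod/dfrn_request.php.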


+ 41
- 8
include/network.php

@ -454,13 +454,14 @@ function allowed_url($url) {
$h = @parse_url($url);
if(! $h) {
if (! $h) {
return false;
}
$str_allowed = get_config('system','allowed_sites');
if(! $str_allowed)
$str_allowed = get_config('system', 'allowed_sites');
if (! $str_allowed) {
return true;
}
$found = false;
@ -468,16 +469,17 @@ function allowed_url($url) {
// always allow our own site
if($host == strtolower($_SERVER['SERVER_NAME']))
if ($host == strtolower($_SERVER['SERVER_NAME'])) {
return true;
}
$fnmatch = function_exists('fnmatch');
$allowed = explode(',',$str_allowed);
$allowed = explode(',', $str_allowed);
if(count($allowed)) {
foreach($allowed as $a) {
if (count($allowed)) {
foreach ($allowed as $a) {
$pat = strtolower(trim($a));
if(($fnmatch && fnmatch($pat,$host)) || ($pat == $host)) {
if (($fnmatch && fnmatch($pat, $host)) || ($pat == $host)) {
$found = true;
break;
}
@ -486,6 +488,37 @@ function allowed_url($url) {
return $found;
}
/**
* Checks if the provided url domain isn't on the domain blacklist.
* Return true if the check passed (not on the blacklist), false if not
* or malformed URL
*
* @param string $url The url to check the domain from
* @return boolean
*/
function check_domain_blocklist($url) {
$h = @parse_url($url);
if (! $h) {
return false;
}
$domain_blocklist = get_config('system', 'blocklist', array());
if (! $domain_blocklist) {
return true;
}
$host = strtolower($h['host']);
foreach ($domain_blocklist as $domain_block) {
if (strtolower($domain_block['domain']) == $host) {
return false;
}
}
return true;
}
/**
* @brief Check if email address is allowed to register here.
*
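Review bot: check_domain_blocklist() reads `$h['host']` without checking that parse_url() produced one, so input without a scheme (parse_url() then returns only a `path`) gives an empty host that matches no entry and the function returns true, i.e. the check fails open. I would handle the missing host explicitly, for example `if (empty($h['host'])) { return false; }`, with callers normalising address-style input before calling. The comparison is an exact `==` on the hostname, so subdomains of a listed domain pass, unlike the fnmatch patterns allowed_url() accepts; if that is intended, the docblock should say so with a line such as `* Only exact host names are matched; subdomains of a blocked domain are not covered.` The docblock also says "blacklist" while the function name and config key say "blocklist".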


+ 5
- 0
mod/dfrn_request.php

@ -514,6 +514,11 @@ function dfrn_request_post(App $a) {
return; // NOTREACHED
}
if (! check_domain_blocklist($url)) {
notice( t('Blocked domain') . EOL);
goaway(App::get_baseurl() . '/' . $a->cmd);
return; // NOTREACHED
}
require_once('include/Scrape.php');

