diff options
author | Bernhard Posselt <nukeawhale@gmail.com> | 2013-08-06 13:56:32 +0200 |
---|---|---|
committer | Bernhard Posselt <nukeawhale@gmail.com> | 2013-08-06 13:56:32 +0200 |
commit | 78b0bcc19ad3aba0e1e10d7441290a8af82e63bf (patch) | |
tree | c46055c5d13bea272dcc162170e396c872954513 /db/feed.php | |
parent | 582dba7e944850d39316a15ef9e3297577fb936f (diff) |
move sanitation of urls to the serverside code to also provide security for clients, fix #151
Diffstat (limited to 'db/feed.php')
-rw-r--r-- | db/feed.php | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/db/feed.php b/db/feed.php index 22fbc359b..2bf16fc3b 100644 --- a/db/feed.php +++ b/db/feed.php @@ -65,4 +65,21 @@ class Feed extends Entity implements IAPI { ); } + + public function setUrl($url) { + $url = trim($url); + if(strpos($url, 'http') === 0) { + parent::setUrl($url); + } + } + + + public function setLink($url) { + $url = trim($url); + if(strpos($url, 'http') === 0) { + parent::setLink($url); + } + } + + }
\ No newline at end of file |