tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

Merge pull request #1832 from oddnoc/is_absolute_url-regex

Browse Source 
Anchor regex in Director#is_absolute_url()
This commit is contained in:
Ingo Schommer 2013-05-08 01:40:23 -07:00
commit d74c4aadc1
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
control/Director.php
View File

@ -579,7 +579,7 @@ class Director implements TemplateGlobalProvider {
// Check for more than one leading slash without a protocol. // Check for more than one leading slash without a protocol.
// While not a RFC compliant absolute URL, it is completed to a valid URL by some browsers, // While not a RFC compliant absolute URL, it is completed to a valid URL by some browsers,
// and hence a potential security risk. Single leading slashes are not an issue though. // and hence a potential security risk. Single leading slashes are not an issue though.
|| preg_match('/\s*[\/]{2,}/', $url) || preg_match('%^\s*/{2,}%', $url)
|| ( || (
// If a colon is found, check if it's part of a valid scheme definition // If a colon is found, check if it's part of a valid scheme definition
// (meaning its not preceded by a slash). // (meaning its not preceded by a slash).