mirror of
https://github.com/silverstripe/silverstripe-iframe
synced 2024-10-22 11:05:51 +02:00
Compare commits
2 Commits
c23cd84be6
...
132d1257c9
Author | SHA1 | Date | |
---|---|---|---|
|
132d1257c9 | ||
|
31fa96ef66 |
@ -142,8 +142,8 @@ class IFramePage extends Page
|
||||
|
||||
//whitelist allowed URL schemes
|
||||
$allowed_schemes = array('http', 'https');
|
||||
if ($matches = parse_url($this->IFrameURL)) {
|
||||
if (isset($matches['scheme']) && !in_array($matches['scheme'], $allowed_schemes)) {
|
||||
if ($matches = parse_url($this->IFrameURL ?? '')) {
|
||||
if (isset($matches['scheme']) && !in_array($matches['scheme'], $allowed_schemes ?? [])) {
|
||||
$result->addError(_t(__CLASS__ . '.VALIDATION_BANNEDURLSCHEME', "This URL scheme is not allowed."));
|
||||
}
|
||||
}
|
||||
|
@ -16,8 +16,8 @@ class IFramePageController extends PageController
|
||||
if ($desiredProtocol && $currentProtocol !== $desiredProtocol) {
|
||||
$enforcedLocation = preg_replace(
|
||||
"#^${currentProtocol}#",
|
||||
$desiredProtocol,
|
||||
$this->AbsoluteLink()
|
||||
$desiredProtocol ?? '',
|
||||
$this->AbsoluteLink() ?? ''
|
||||
);
|
||||
return $this->redirect($enforcedLocation);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user