From c60464a4bea0c43363793d3cc2d7703314816df8 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Fri, 16 Dec 2022 10:15:43 -0500 Subject: [PATCH] Catch exceptions in Model\Gserver::cleanURL - Address https://github.com/friendica/friendica/issues/11992#issuecomment-1354393419 --- src/Model/GServer.php | 21 ++++++++------------- 1 file changed, 8 insertions(+), 13 deletions(-) diff --git a/src/Model/GServer.php b/src/Model/GServer.php index a128060f4c..e93c347627 100644 --- a/src/Model/GServer.php +++ b/src/Model/GServer.php @@ -314,25 +314,20 @@ class GServer /** * Remove unwanted content from the given URL * - * @param string $url + * @param string $dirtyUrl * * @return string cleaned URL + * @throws Exception */ - public static function cleanURL(string $url): string + public static function cleanURL(string $dirtyUrl): string { - $url = trim($url, '/'); - $url = str_replace('/index.php', '', $url); - - $urlparts = parse_url($url); - if (empty($urlparts)) { + try { + $url = str_replace('/index.php', '', trim($dirtyUrl, '/')); + return (string)(new Uri($url))->withUserInfo('')->withQuery('')->withFragment(''); + } catch (\Throwable $e) { + Logger::warning('Invalid URL', ['dirtyUrl' => $dirtyUrl, 'url' => $url]); return ''; } - - unset($urlparts['user']); - unset($urlparts['pass']); - unset($urlparts['query']); - unset($urlparts['fragment']); - return (string)Uri::fromParts($urlparts); } /**