Added check_domain_blocklist

Hypolite Petovan 2017-04-25 22:45:56 -04:00
parent 7d9d22914f
commit c7e1a8e871
3 changed files with 51 additions and 8 deletions


@ -82,6 +82,11 @@ function new_contact($uid,$url,$interactive = false) {
return $result; return $result;
} }
if (! check_domain_blocklist($url)) {
$result['message'] = t('Blocked domain');
return $result;
}
if (! $url) { if (! $url) {
$result['message'] = t('Connect URL missing.'); $result['message'] = t('Connect URL missing.');
return $result; return $result;
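Review bot: The new `check_domain_blocklist($url)` call sits ahead of the `if (! $url)` guard and works on the raw caller-supplied value, so an address that `parse_url()` rejects is reported as 'Blocked domain' rather than as a missing or invalid URL. Moving the block below the empty-URL check would keep the messages accurate. The rest of new_contact is outside this hunk; if it later resolves or normalises `$url` to a profile on a different host, the blocklist should be checked again on the resolved URL, otherwise only the typed-in host is screened. The same placement question applies to the call added in dfrn_request_post.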


@ -454,13 +454,14 @@ function allowed_url($url) {
$h = @parse_url($url); $h = @parse_url($url);
if(! $h) { if (! $h) {
return false; return false;
} }
$str_allowed = get_config('system','allowed_sites'); $str_allowed = get_config('system', 'allowed_sites');
if(! $str_allowed) if (! $str_allowed) {
return true; return true;
}
$found = false; $found = false;
@ -468,16 +469,17 @@ function allowed_url($url) {
// always allow our own site // always allow our own site
if($host == strtolower($_SERVER['SERVER_NAME'])) if ($host == strtolower($_SERVER['SERVER_NAME'])) {
return true; return true;
}
$fnmatch = function_exists('fnmatch'); $fnmatch = function_exists('fnmatch');
$allowed = explode(',',$str_allowed); $allowed = explode(',', $str_allowed);
if(count($allowed)) { if (count($allowed)) {
foreach($allowed as $a) { foreach ($allowed as $a) {
$pat = strtolower(trim($a)); $pat = strtolower(trim($a));
if(($fnmatch && fnmatch($pat,$host)) || ($pat == $host)) { if (($fnmatch && fnmatch($pat, $host)) || ($pat == $host)) {
$found = true; $found = true;
break; break;
} }
@ -486,6 +488,37 @@ function allowed_url($url) {
return $found; return $found;
} }
/**
* Checks if the provided url domain isn't on the domain blacklist.
* Return true if the check passed (not on the blacklist), false if not
* or malformed URL
*
* @param string $url The url to check the domain from
* @return boolean
*/
function check_domain_blocklist($url) {
$h = @parse_url($url);
if (! $h) {
return false;
}
$domain_blocklist = get_config('system', 'blocklist', array());
if (! $domain_blocklist) {
return true;
}
$host = strtolower($h['host']);
foreach ($domain_blocklist as $domain_block) {
if (strtolower($domain_block['domain']) == $host) {
return false;
}
}
return true;
}
/** /**
* @brief Check if email address is allowed to register here. * @brief Check if email address is allowed to register here.
* *
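Review bot: `check_domain_blocklist()` reads `$h['host']` without checking that the key exists, and `parse_url()` returns an array with no host for scheme-less input such as `example.com/profile` or a `user@example.com` handle. In that case `$host` becomes an empty string, no list entry matches, and the function returns true, which contradicts the docblock's promise of false for a malformed URL. I would handle the missing host explicitly, for example `if (! $h || ! isset($h['host'])) { return false; }`, or extract the domain from the handle first if callers are expected to pass handles. The comparison is also an exact match, so a listed domain does not cover its subdomains, unlike the `fnmatch()` patterns in `allowed_url()`; the docblock should state that, and say 'blocklist' rather than 'blacklist' to match the function name.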


@ -514,6 +514,11 @@ function dfrn_request_post(App $a) {
return; // NOTREACHED return; // NOTREACHED
} }
if (! check_domain_blocklist($url)) {
notice( t('Blocked domain') . EOL);
goaway(App::get_baseurl() . '/' . $a->cmd);
return; // NOTREACHED
}
require_once('include/Scrape.php'); require_once('include/Scrape.php');