Fijxu
/
librex
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix high-severity vulnerability

This commit is contained in:
Revvy 2023-08-29 14:07:50 -04:00
parent 3b23c4d099
commit 33240c4d21
2 changed files with 2 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
image_proxy.php
View File

@ -6,7 +6,7 @@
$url = $_REQUEST["url"];
$requested_root_domain = get_root_domain($url);
$allowed_domains = array("qwant.com", "wikimedia.org", get_root_domain($config->invidious_instance_for_video_results));
$allowed_domains = array("s2.qwant.com", "s1.qwant.com", "upload.wikimedia.org", get_root_domain($config->invidious_instance_for_video_results));
if (in_array($requested_root_domain, $allowed_domains))
{

8
misc/tools.php
View File

@ -6,13 +6,7 @@
}
function get_root_domain($url) {
$split_url = explode("/", $url);
$base_url = $split_url[2];
$base_url_main_split = explode(".", strrev($base_url));
$root_domain = strrev($base_url_main_split[1]) . "." . strrev($base_url_main_split[0]);
return $root_domain;
return parse_url($url, PHP_URL_HOST);
}
function try_replace_with_frontend($url, $frontend, $original, $opts) {