mirror/FreshRSS
0
0
Fork 0
mirror of https://github.com/FreshRSS/FreshRSS.git synced 2026-05-24 08:14:56 -04:00
Code Issues Packages Projects Releases Wiki Activity

SimplePie sanitize URLs for syslog

Browse Source 
https://github.com/FreshRSS/FreshRSS/issues/711
https://github.com/FreshRSS/FreshRSS/pull/715
This commit is contained in:
Alexandre Alapetite
2015-03-22 22:54:29 +01:00
parent 1a35e2271d
commit ad9fe52f5a
5 changed files with 15 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/Models/Feed.php
View File

@@ -240,7 +240,7 @@ class FreshRSS_Feed extends Minz_Model {
$subscribe_url = $feed->subscribe_url(true);
}
$clean_url = url_remove_credentials($subscribe_url);
$clean_url = SimplePie_Misc::url_remove_credentials($subscribe_url);
if ($subscribe_url !== null && $subscribe_url !== $url) {
$this->_url($clean_url);
}

4
lib/SimplePie/SimplePie.php
View File

@@ -1554,14 +1554,14 @@ class SimplePie
if ($this->data['md5'] === $md5) {
if ($this->syslog_enabled)
{
syslog(LOG_DEBUG, 'SimplePie MD5 cache match for ' . $this->feed_url);
syslog(LOG_DEBUG, 'SimplePie MD5 cache match for ' . SimplePie_Misc::url_remove_credentials($this->feed_url));
}
$cache->touch();
return true; //Content unchanged even though server did not send a 304
} else {
if ($this->syslog_enabled)
{
syslog(LOG_DEBUG, 'SimplePie MD5 cache no match for ' . $this->feed_url);
syslog(LOG_DEBUG, 'SimplePie MD5 cache no match for ' . SimplePie_Misc::url_remove_credentials($this->feed_url));
}
$this->data['md5'] = $md5;
}

2
lib/SimplePie/SimplePie/File.php
View File

@@ -81,7 +81,7 @@ class SimplePie_File
{
if ($syslog_enabled)
{
syslog(LOG_INFO, 'SimplePie GET ' . $url); //FreshRSS
syslog(LOG_INFO, 'SimplePie GET ' . SimplePie_Misc::url_remove_credentials($url)); //FreshRSS
}
if ($useragent === null)
{

10
lib/SimplePie/SimplePie/Misc.php
View File

@@ -2240,5 +2240,15 @@ function embed_wmedia(width, height, link) {
{
// No-op
}
/**
* Sanitize a URL by removing HTTP credentials.
* @param $url the URL to sanitize.
* @return the same URL without HTTP credentials.
*/
function url_remove_credentials($url) //FreshRSS
{
return preg_replace('#(?<=//)[^/:@]+:[^/:@]+@#', '', $url);
}
}

12
lib/lib_rss.php
View File

@@ -181,7 +181,7 @@ function sanitizeHTML($data, $base = '') {
function get_content_by_parsing ($url, $path) {
require_once (LIB_PATH . '/lib_phpQuery.php');
Minz_Log::notice('FreshRSS GET ' . url_remove_credentials($url));
Minz_Log::notice('FreshRSS GET ' . SimplePie_Misc::url_remove_credentials($url));
$html = file_get_contents ($url);
if ($html) {
@@ -430,13 +430,3 @@ function array_push_unique(&$array, $value) {
function array_remove(&$array, $value) {
$array = array_diff($array, array($value));
}
/**
* Sanitize a URL by removing HTTP credentials.
* @param $url the URL to sanitize.
* @return the same URL without HTTP credentials.
*/
function url_remove_credentials($url) {
return preg_replace('/[^\/]*:[^:]*@/', '', $url);
}