fix: [bookmarks] added more error handling for malformed bookmarks

pull/170/merge
iglocska 2024-09-17 07:57:25 +02:00
parent 4f42d504c5
commit 6f31082a71
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
2 changed files with 10 additions and 6 deletions


@ -144,9 +144,13 @@ class UserSettingsTable extends AppTable
*/ */
public function validURI(String $uri): bool public function validURI(String $uri): bool
{ {
$parsed = parse_url($uri); try {
$isLocalPath = empty($parsed['scheme']) && empty($parsed['domain']) && !empty($parsed['path']); $parsed = parse_url($uri);
$isValidURL = !empty($parsed['scheme']) && in_array($parsed['scheme'], ['http', 'https']) && filter_var($uri, FILTER_SANITIZE_URL); $isLocalPath = empty($parsed['scheme']) && empty($parsed['domain']) && !empty($parsed['path']);
$isValidURL = !empty($parsed['scheme']) && in_array($parsed['scheme'], ['http', 'https']) && filter_var($uri, FILTER_SANITIZE_URL);
} catch (\Exception $e) {
return false;
}
return $isLocalPath || $isValidURL; return $isLocalPath || $isValidURL;
} }
} }
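Review bot: The local-path test in `validURI` reads `$parsed['domain']`, but parse_url() returns the authority under the key `host`, so `empty($parsed['domain'])` is always true and a scheme-less value that still carries a host (the `//host/path` form) is classified as a local path. In the same expression `filter_var($uri, FILTER_SANITIZE_URL)` returns the cleaned string rather than validating it, so for http/https input it is effectively always truthy and adds no check. I would use `empty($parsed['host'])` and `filter_var($uri, FILTER_VALIDATE_URL) !== false`, and pass `true` as the third argument to `in_array`. The added `catch (\Exception $e)` also looks unlikely to fire: parse_url() signals seriously malformed input by returning false rather than throwing, and a non-string argument fails the `String $uri` parameter type with a TypeError at the call, before the try is entered. An explicit `if ($parsed === false) { return false; }` would state the intent directly.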


@ -18,16 +18,16 @@ $this->userSettingsTable = TableRegistry::getTableLocator()->get('UserSettings')
<ul class="col-sm-12 col-md-10 col-l-8 col-xl-8 mb-3"> <ul class="col-sm-12 col-md-10 col-l-8 col-xl-8 mb-3">
<?php foreach ($bookmarks as $bookmark) : ?> <?php foreach ($bookmarks as $bookmark) : ?>
<li class="list-group-item"> <li class="list-group-item">
<?php if ($this->userSettingsTable->validURI($bookmark['url'])): ?> <?php if (!empty($bookmark['url']) && $this->userSettingsTable->validURI($bookmark['url'])): ?>
<a href="<?= h($bookmark['url']) ?>" class="w-bold"> <a href="<?= h($bookmark['url']) ?>" class="w-bold">
<?= h($bookmark['label']) ?> <?= h($bookmark['label']) ?>
</a> </a>
<?php else: ?> <?php else: ?>
<span class="w-bold"> <span class="w-bold">
<?= h($bookmark['url']) ?> <?= !empty($bookmark['url']) ? h($bookmark['url']) : '' ?>
</span> </span>
<?php endif; ?> <?php endif; ?>
<span class="ms-3 fw-light"><?= h($bookmark['name']) ?></span> <span class="ms-3 fw-light"><?= !empty($bookmark['name']) ? h($bookmark['name']): '' ?></span>
</li> </li>
<?php endforeach; ?> <?php endforeach; ?>
</ul> </ul>
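Review bot: `h($bookmark['label'])` inside the anchor is still read without a guard, while `url` and `name` in the same loop body are now checked. A bookmark with a valid `url` but no `label` therefore still raises an undefined-key warning and renders an empty link. A fallback such as `<?= h($bookmark['label'] ?? $bookmark['url']) ?>` would cover it. Null coalescing would also shorten the other two guards (`h($bookmark['name'] ?? '')`) and avoid `!empty()` silently dropping a literal `'0'`. Separately, `h()` only HTML-escapes the `href` value, so which schemes and hosts can end up in the link depends entirely on what `validURI` accepts.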