From 8ab5fddafd637aee39b3045af5f313ef333c4427 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Sun, 26 Mar 2023 18:46:16 -0400 Subject: [PATCH] Don't try to follow remote item from non-URI or scheme-less URI - Address https://github.com/friendica/friendica/issues/12486#issuecomment-1407679388 - Address https://github.com/friendica/friendica/issues/12486#issuecomment-1433112562 --- src/Module/Contact/Follow.php | 30 ++++++++++++++++++++---------- 1 file changed, 20 insertions(+), 10 deletions(-) diff --git a/src/Module/Contact/Follow.php b/src/Module/Contact/Follow.php index 57e9ff634a..0199aca78f 100644 --- a/src/Module/Contact/Follow.php +++ b/src/Module/Contact/Follow.php @@ -40,6 +40,7 @@ use Friendica\Network\HTTPException\ForbiddenException; use Friendica\Network\Probe; use Friendica\Util\Profiler; use Friendica\Util\Strings; +use GuzzleHttp\Psr7\Uri; use Psr\Log\LoggerInterface; class Follow extends BaseModule @@ -223,17 +224,26 @@ class Follow extends BaseModule protected function followRemoteItem(string $url) { - $itemId = Item::fetchByLink($url, $this->session->getLocalUserId()); - if (!$itemId) { - // If the user-specific search failed, we search and probe a public post - $itemId = Item::fetchByLink($url); - } - - if (!empty($itemId)) { - $item = Post::selectFirst(['guid'], ['id' => $itemId]); - if (!empty($item['guid'])) { - $this->baseUrl->redirect('display/' . $item['guid']); + try { + $uri = new Uri($url); + if (!$uri->getScheme()) { + return; } + + $itemId = Item::fetchByLink($url, $this->session->getLocalUserId()); + if (!$itemId) { + // If the user-specific search failed, we search and probe a public post + $itemId = Item::fetchByLink($url); + } + + if (!empty($itemId)) { + $item = Post::selectFirst(['guid'], ['id' => $itemId]); + if (!empty($item['guid'])) { + $this->baseUrl->redirect('display/' . $item['guid']); + } + } + } catch (\InvalidArgumentException $e) { + return; } } }