From e71672a4092e7795b6ba7f27675fb6316782495c Mon Sep 17 00:00:00 2001 From: Mike Macgirvin Date: Mon, 30 Aug 2010 20:59:56 -0700 Subject: [PATCH] acct uri may have double slashes after scheme, may be url encoded --- mod/xrd.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/mod/xrd.php b/mod/xrd.php index 5d43147a70..c6c5515c53 100644 --- a/mod/xrd.php +++ b/mod/xrd.php @@ -3,8 +3,11 @@ function xrd_content(&$a) { - $uri = notags(trim($_GET['uri'])); + $uri = urldecode(notags(trim($_GET['uri']))); $local = str_replace('acct:', '', $uri); + if(substr($local,0,2) == '//') + $local = substr($local,2); + $name = substr($local,0,strpos($local,'@')); $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1",