AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 10:54:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added sanitize_url function to strip out unsupported URI Schemas schema:// if not on the allow list it will show unsupport://URL

Browse Source
This commit is contained in:
johnnyq
2025-06-09 20:28:10 -04:00
parent 680dbb04ce
commit d79a17adb0
6 changed files with 54 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
includes/side_nav.php
View File

@@ -211,7 +211,7 @@
while ($row = mysqli_fetch_array($sql_custom_links)) {
$custom_link_name = nullable_htmlentities($row['custom_link_name']);
$custom_link_uri = nullable_htmlentities($row['custom_link_uri']);
$custom_link_uri = sanitize_url($row['custom_link_uri']);
$custom_link_icon = nullable_htmlentities($row['custom_link_icon']);
$custom_link_new_tab = intval($row['custom_link_new_tab']);
if ($custom_link_new_tab == 1) {