diff options
| -rw-r--r-- | phpBB/includes/message_parser.php | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 211a7f22b0..f5b86b00a6 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -950,6 +950,12 @@ class bbcode_firstpass extends bbcode if ($pos_domain !== false && $pos_path >= $pos_domain && $pos_ext >= $pos_path) { + // Ok, actually we allow linking to some files (this may be able to be extended in some way later...) + if (strpos($url, '/' . $check_path . '/download.' . $phpEx) !== 0) + { + return false; + } + return true; } } |