diff options
Diffstat (limited to 'phpBB/phpbb')
| -rw-r--r-- | phpBB/phpbb/db/migration/data/v320/allowed_schemes_links.php | 24 | ||||
| -rw-r--r-- | phpBB/phpbb/textformatter/s9e/factory.php | 19 |
2 files changed, 42 insertions, 1 deletions
diff --git a/phpBB/phpbb/db/migration/data/v320/allowed_schemes_links.php b/phpBB/phpbb/db/migration/data/v320/allowed_schemes_links.php new file mode 100644 index 0000000000..de127e3745 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v320/allowed_schemes_links.php @@ -0,0 +1,24 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v320; + +class allowed_schemes_links extends \phpbb\db\migration\migration +{ + public function update_data() + { + return array( + array('config.add', array('allowed_schemes_links', 'http,https,ftp')), + ); + } +} diff --git a/phpBB/phpbb/textformatter/s9e/factory.php b/phpBB/phpbb/textformatter/s9e/factory.php index 2aab97b667..4a04b34cd8 100644 --- a/phpBB/phpbb/textformatter/s9e/factory.php +++ b/phpBB/phpbb/textformatter/s9e/factory.php @@ -43,6 +43,11 @@ class factory implements \phpbb\textformatter\cache_interface protected $cache_key_renderer; /** + * @var \phpbb\config\config + */ + protected $config; + + /** * @var array Custom tokens used in bbcode.html and their corresponding token from the definition */ protected $custom_tokens = array( @@ -127,16 +132,18 @@ class factory implements \phpbb\textformatter\cache_interface * @param \phpbb\textformatter\data_access $data_access * @param \phpbb\cache\driver\driver_interface $cache * @param \phpbb\event\dispatcher_interface $dispatcher + * @param \phpbb\config\config $config * @param string $cache_dir Path to the cache dir * @param string $cache_key_parser Cache key used for the parser * @param string $cache_key_renderer Cache key used for the renderer */ - public function __construct(\phpbb\textformatter\data_access $data_access, \phpbb\cache\driver\driver_interface $cache, \phpbb\event\dispatcher_interface $dispatcher, $cache_dir, $cache_key_parser, $cache_key_renderer) + public function __construct(\phpbb\textformatter\data_access $data_access, \phpbb\cache\driver\driver_interface $cache, \phpbb\event\dispatcher_interface $dispatcher, \phpbb\config\config $config, $cache_dir, $cache_key_parser, $cache_key_renderer) { $this->cache = $cache; $this->cache_dir = $cache_dir; $this->cache_key_parser = $cache_key_parser; $this->cache_key_renderer = $cache_key_renderer; + $this->config = $config; $this->data_access = $data_access; $this->dispatcher = $dispatcher; } @@ -190,6 +197,16 @@ class factory implements \phpbb\textformatter\cache_interface $vars = array('configurator'); extract($this->dispatcher->trigger_event('core.text_formatter_s9e_configure_before', compact($vars))); + // Reset the list of allowed schemes + foreach ($configurator->urlConfig->getAllowedSchemes() as $scheme) + { + $configurator->urlConfig->disallowScheme($scheme); + } + foreach (explode(',', $this->config['allowed_schemes_links']) as $scheme) + { + $configurator->urlConfig->allowScheme(trim($scheme)); + } + // Convert newlines to br elements by default $configurator->rootRules->enableAutoLineBreaks(); |