From 31c04d6b922cb37db226c3ca0595ab20a4bb7b6b Mon Sep 17 00:00:00 2001
From: Stefan Kalscheuer
Date: Sun, 10 May 2020 12:00:41 +0200
Subject: [PATCH] sanitize referer URI
---
 inc/class-statifyblacklist.php | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/inc/class-statifyblacklist.php b/inc/class-statifyblacklist.php
index 05b9b12..17718e3 100644
--- a/inc/class-statifyblacklist.php
+++ b/inc/class-statifyblacklist.php
@@ -226,9 +226,7 @@ class StatifyBlacklist {
 // Regular Expression filtering since 1.3.0.
 if ( isset( self::$options['target']['regexp'] ) && 0 < self::$options['target']['regexp'] ) {
 // Get full referer string.
- // @codingStandardsIgnoreStart The globals are checked.
- $target = ( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '/' );
- // @codingStandardsIgnoreEnd
+ $target = ( isset( $_SERVER['REQUEST_URI'] ) ? filter_var( wp_unslash( $_SERVER['REQUEST_URI'] ), FILTER_SANITIZE_URL ) : '/' );
 // Merge given regular expressions into one.
 $regexp = self::regex(
 array_keys( self::$options['target']['blacklist'] ),
@@ -241,9 +239,7 @@ class StatifyBlacklist {
 }
 } else {
 // Extract target page.
- // @codingStandardsIgnoreStart The globals are checked.
- $target = ( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '/' );
- // @codingStandardsIgnoreEnd
+ $target = ( isset( $_SERVER['REQUEST_URI'] ) ? filter_var( wp_unslash( $_SERVER['REQUEST_URI'] ), FILTER_SANITIZE_URL ) : '/' );
 // Get blacklist.
 $blacklist = self::$options['target']['blacklist'];
 // Check blacklist.
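Review bot: `FILTER_SANITIZE_URL` on the added `$target` line is a character whitelist, not a normalizer — it silently deletes bytes outside its allowed set (spaces, raw non-ASCII) and leaves percent-encoding untouched — so the value compared against the blacklist can differ from the request path an entry was written for, and two encodings of the same path still compare differently; if entries are literal paths, decide whether matching should run on a decoded/normalized form and record the decision in a comment such as `// Sanitized for safe handling only; the path is not decoded or normalized before matching.`. `filter_var()` returns `false` for non-string input, so `?: '/'` after the call would keep `$target` a string on both sides of the `if`. The same expression is duplicated in the `else` branch of the second hunk; computing `$target` once before the `if` in the first hunk would remove the copy. The surrounding comment and the subject call this the referer while the code reads `REQUEST_URI`; `// Get full request URI (target page).` would be accurate. The enclosing method starts and ends outside both hunks.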