sanitize referer URI

Stefan Kalscheuer 2020-05-10 12:00:41 +02:00
parent d343dda6ff
commit 31c04d6b92


@ -226,9 +226,7 @@ class StatifyBlacklist {
// Regular Expression filtering since 1.3.0.
if ( isset( self::$options['target']['regexp'] ) && 0 < self::$options['target']['regexp'] ) {
// Get full referer string.
// @codingStandardsIgnoreStart The globals are checked.
$target = ( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '/' );
// @codingStandardsIgnoreEnd
$target = ( isset( $_SERVER['REQUEST_URI'] ) ? filter_var( wp_unslash( $_SERVER['REQUEST_URI'] ), FILTER_SANITIZE_URL ) : '/' );
// Merge given regular expressions into one.
$regexp = self::regex(
array_keys( self::$options['target']['blacklist'] ),
@ -241,9 +239,7 @@ class StatifyBlacklist {
}
} else {
// Extract target page.
// @codingStandardsIgnoreStart The globals are checked.
$target = ( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '/' );
// @codingStandardsIgnoreEnd
$target = ( isset( $_SERVER['REQUEST_URI'] ) ? filter_var( wp_unslash( $_SERVER['REQUEST_URI'] ), FILTER_SANITIZE_URL ) : '/' );
// Get blacklist.
$blacklist = self::$options['target']['blacklist'];
// Check blacklist.
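Review bot: `FILTER_SANITIZE_URL` deletes every byte outside its allowed ASCII set instead of rejecting the value, so at both new `$target` assignments (this hunk and the first one, `-226,9 +226,7`) the blacklist is checked against a string that can differ from the URI actually requested. A blacklist entry or regular expression containing a space or a non-ASCII character can then never match, and two distinct request URIs can collapse to the same `$target`; how entries are stored is not visible here, so this needs confirming against the options code. The identical expression now sits in both branches, so I would compute `$target` once before the `if` and add a comment such as `// FILTER_SANITIZE_URL strips spaces and non-ASCII bytes; blacklist entries must be stored in the same form.` The context comment `// Get full referer string.` in the first hunk describes `REQUEST_URI`, not the referer, and would read better as `// Get full target URI.` The enclosing method starts and ends outside both hunks.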