From 45e2f385b35f38c081bf5911d9b7460bbd789b15 Mon Sep 17 00:00:00 2001
From: Joshua Coales
Date: Thu, 15 Oct 2020 10:08:03 +0100
Subject: [PATCH] [FacebookBridge] Handle mobile links and unify host validation (#1789)
---
 bridges/FacebookBridge.php | 37 ++++++++++++++++++++-----------------
 1 file changed, 20 insertions(+), 17 deletions(-)
diff --git a/bridges/FacebookBridge.php b/bridges/FacebookBridge.php
index cb5e30f8..b7681114 100644
--- a/bridges/FacebookBridge.php
+++ b/bridges/FacebookBridge.php
@@ -215,16 +215,7 @@ class FacebookBridge extends BridgeAbstract {
 $urlparts = parse_url($group);
- if($urlparts['host'] !== parse_url(self::URI)['host']
- && 'www.' . $urlparts['host'] !== parse_url(self::URI)['host']) {
-
- returnClientError('The host you provided is invalid! Received "'
- . $urlparts['host']
- . '", expected "'
- . parse_url(self::URI)['host']
- . '"!');
-
- }
+ $this->validateHost($urlparts['host']);
 return explode('/', $urlparts['path'])[2];
@@ -236,6 +227,24 @@ class FacebookBridge extends BridgeAbstract {
 }
+ private function validateHost($provided_host) {
+ // Handle mobile links
+ if (strpos($provided_host, 'm.') === 0) {
+ $provided_host = substr($provided_host, strlen('m.'));
+ }
+
+ $facebook_host = parse_url(self::URI)['host'];
+
+ if ($provided_host !== $facebook_host
+ && 'www.' . $provided_host !== $facebook_host) {
+ returnClientError('The host you provided is invalid! Received "'
+ . $provided_host
+ . '", expected "'
+ . $facebook_host
+ . '"!');
+ }
+ }
+
 private function isPublicGroup($html) {
 // Facebook redirects to the groups about page for non-public groups
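Review bot: The new call `$this->validateHost($urlparts['host']);` in the group-URL hunk (@@ -215) indexes `'host'` without checking that parse_url() produced it; parse_url() returns false for a malformed URL and omits the key for scheme-less input such as `facebook.com/groups/x`, so the validator would receive null and report an empty host. The same unguarded call is added in the user-URL hunk (@@ -348), where the `array_key_exists('path', …)` check only runs afterwards. Passing a checked value, `$this->validateHost(isset($urlparts['host']) ? $urlparts['host'] : '');`, makes a missing host fail the comparison explicitly. The context line `explode('/', $urlparts['path'])[2]` has the same shape for a missing or short path. The enclosing functions start and end outside both hunks.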
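Review bot: validateHost() reports the host after the `m.` prefix has been stripped, so the "Received" value in the error no longer matches what the caller supplied, and the method has no docblock saying that it is an exact-match allowlist. Keeping the input, `$original_host = $provided_host;` before the strip and `. $original_host` in the message, makes the error accurate. A short docblock should state that only the host of self::URI, or that host without its `www.` prefix, each optionally preceded by `m.`, is accepted by strict string comparison, and that the method relies on returnClientError() not returning, which is not visible in this hunk. The comparison is case-sensitive and parse_url() does not lowercase the host, so a mixed-case host is rejected; `$provided_host = strtolower($provided_host);` at the top would accept it without loosening the match. Whether returnClientError() escapes the echoed host before it is rendered is also not visible here.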
@@ -348,13 +357,7 @@ class FacebookBridge extends BridgeAbstract {
 $urlparts = parse_url($user);
- if($urlparts['host'] !== parse_url(self::URI)['host']) {
- returnClientError('The host you provided is invalid! Received "'
- . $urlparts['host']
- . '", expected "'
- . parse_url(self::URI)['host']
- . '"!');
- }
+ $this->validateHost($urlparts['host']);
 if(!array_key_exists('path', $urlparts) || $urlparts['path'] === '/') {