fix: too strict url validation in feed item (#3058)

Urls such as https://example.com/réponse were rejected Fix https://github.com/RSS-Bridge/rss-bridge/issues/3018#issuecomment-1254159203
2022-09-21 23:07:56 +02:00 · 2022-09-21 23:07:56 +02:00 · aacba5b1a8
parent 9d871e8a45
commit aacba5b1a8
1 changed files with 9 additions and 19 deletions
--- a/lib/FeedItem.php
+++ b/lib/FeedItem.php
@ -154,27 +154,17 @@ class FeedItem
                Debug::log('The item provided as URI is unknown!');
            }
        }
-
        if (!is_string($uri)) {
-            Debug::log('URI must be a string!');
-        } elseif (
-            !filter_var(
-                $uri,
-                FILTER_VALIDATE_URL,
-                FILTER_FLAG_PATH_REQUIRED
-            )
-        ) {
-            Debug::log(sprintf('Not a valid url: "%s"', $uri));
-        } else {
-            $scheme = parse_url($uri, PHP_URL_SCHEME);
-
-            if ($scheme !== 'http' && $scheme !== 'https') {
-                Debug::log('URI scheme must be "http" or "https"!');
-            } else {
-                $this->uri = trim($uri);
-            }
+            Debug::log(sprintf('Expected $uri to be string but got %s', gettype($uri)));
+            return $this;
        }
-
+        $uri = trim($uri);
+        // Intentionally doing a weak url validation here because FILTER_VALIDATE_URL is too strict
+        if (!preg_match('#^https?://#i', $uri)) {
+            Debug::log(sprintf('Not a valid url: "%s"', $uri));
+            return $this;
+        }
+        $this->uri = $uri;
        return $this;
    }