From aacba5b1a82057e48405cd812bad4a758d951cc1 Mon Sep 17 00:00:00 2001
From: Dag <me@dvikan.no>
Date: Wed, 21 Sep 2022 23:07:56 +0200
Subject: [PATCH] fix: too strict url validation in feed item (#3058)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Urls such as https://example.com/réponse were rejected

Fix https://github.com/RSS-Bridge/rss-bridge/issues/3018#issuecomment-1254159203
---
 lib/FeedItem.php | 28 +++++++++-------------------
 1 file changed, 9 insertions(+), 19 deletions(-)

diff --git a/lib/FeedItem.php b/lib/FeedItem.php
index 7a32ef9a..a59b0b03 100644
--- a/lib/FeedItem.php
+++ b/lib/FeedItem.php
@@ -154,27 +154,17 @@ class FeedItem
                 Debug::log('The item provided as URI is unknown!');
             }
         }
-
         if (!is_string($uri)) {
-            Debug::log('URI must be a string!');
-        } elseif (
-            !filter_var(
-                $uri,
-                FILTER_VALIDATE_URL,
-                FILTER_FLAG_PATH_REQUIRED
-            )
-        ) {
-            Debug::log(sprintf('Not a valid url: "%s"', $uri));
-        } else {
-            $scheme = parse_url($uri, PHP_URL_SCHEME);
-
-            if ($scheme !== 'http' && $scheme !== 'https') {
-                Debug::log('URI scheme must be "http" or "https"!');
-            } else {
-                $this->uri = trim($uri);
-            }
+            Debug::log(sprintf('Expected $uri to be string but got %s', gettype($uri)));
+            return $this;
         }
-
+        $uri = trim($uri);
+        // Intentionally doing a weak url validation here because FILTER_VALIDATE_URL is too strict
+        if (!preg_match('#^https?://#i', $uri)) {
+            Debug::log(sprintf('Not a valid url: "%s"', $uri));
+            return $this;
+        }
+        $this->uri = $uri;
         return $this;
     }