From ed61b3854f71cb6e820f67acbcfb9970d6f33ba9 Mon Sep 17 00:00:00 2001 From: TimZ99 Date: Wed, 5 Sep 2018 23:44:20 +0200 Subject: [PATCH] Fixed regex to prevent false negatives Would fail if: - location wat written without capital letter. - the server redirected to www. - there was no / at the end of the url. --- src/psm/Util/Server/Updater/StatusUpdater.php | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/src/psm/Util/Server/Updater/StatusUpdater.php b/src/psm/Util/Server/Updater/StatusUpdater.php index 3e9fffab..e4505487 100644 --- a/src/psm/Util/Server/Updater/StatusUpdater.php +++ b/src/psm/Util/Server/Updater/StatusUpdater.php @@ -287,13 +287,15 @@ class StatusUpdater { // Check if the website redirects to another domain if ($this->server['redirect_check'] == 'bad'){ $location_matches = array(); - preg_match('/(Location: )(https*:\/\/)([a-zA-Z.:0-9]*)([\/][[:alnum:][:punct:]]*)/', $curl_result, $location_matches); - $ip_matches = array(); - preg_match('/(https*:\/\/)([a-zA-Z.:0-9]*)([\/][[:alnum:][:punct:]]*)/', $this->server['ip'], $ip_matches); - if($location_matches[3] !== $ip_matches[2]){ - $this->error = "The IP/URL redirects to another domain."; - $result = false; - } + preg_match('/([Ll]ocation: )(https*:\/\/)(www.)?([a-zA-Z.:0-9]*)([\/][[:alnum:][:punct:]]*)/', $curl_result, $location_matches); + if(!empty($location_matches)) { + $ip_matches = array(); + preg_match('/(https*:\/\/)(www.)?([a-zA-Z.:0-9]*)([\/][[:alnum:][:punct:]]*)?/', $this->server['ip'], $ip_matches); + if (strtolower($location_matches[4]) !== strtolower($ip_matches[3])) { + $this->error = "The IP/URL redirects to another domain."; + $result = false; + } + } } // Should we check a header ?