From a22cb98365e7fd6f11ba30fc58b55dca15055b90 Mon Sep 17 00:00:00 2001
From: Lukas Reschke
Date: Tue, 30 Apr 2013 21:01:53 +0300
Subject: [PATCH] Check if URL is valid
---
 ajax/editBookmark.php | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/ajax/editBookmark.php b/ajax/editBookmark.php
index 94cdd77c..15d7b507 100644
--- a/ajax/editBookmark.php
+++ b/ajax/editBookmark.php
@@ -27,6 +27,12 @@ OCP\JSON::callCheck();
 OCP\JSON::checkAppEnabled('bookmarks');
+// Check if it is a valid URL
+if (filter_var($_POST['url'], FILTER_VALIDATE_URL) === FALSE) {
+ OC_JSON::error();
+ exit();
+}
+
 // If we go the dialog form submit
 if(isset($_POST['url'])) {
 $title = isset($_POST['title']) ? $_POST['title'] : '';
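Review bot: The added guard reads `$_POST['url']` before the existing `isset($_POST['url'])` test and relies on `FILTER_VALIDATE_URL`, which checks syntax only and does not restrict the scheme. A request without `url` therefore raises an undefined-index notice before it is rejected, and a syntactically valid URL with a non-web scheme still passes, which matters if the stored bookmark is later rendered as a link (not visible in this hunk). I would read the value defensively and allowlist the scheme, e.g. `$url = isset($_POST['url']) ? $_POST['url'] : '';` followed by `if (filter_var($url, FILTER_VALIDATE_URL) === false || !in_array(strtolower((string) parse_url($url, PHP_URL_SCHEME)), array('http', 'https'), true)) {`. The new lines also call `OC_JSON::error()` while the surrounding code uses `OCP\JSON::`; using the same class and returning an error message would keep the endpoint consistent. The `if(isset($_POST['url']))` block continues past the end of the hunk.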