Opened 8 years ago
Last modified 4 years ago
#36766 new enhancement
Improve Source Verification in Pingbacks and Add Filter
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | normal | |
| Severity: | normal | Version: | |
| Component: | Pings/Trackbacks | Keywords: | has-patch |
| Focuses: | Cc: |
Description
Like the do_pings code, the source verification should make a HEAD request to the site, retrieving the content type and rejecting images, video, or audio from being downloaded at all, removing a possible attack vector. The content-type check, which is not currently done by the code, is in the specification. "It then requests the content of http://alice.example.org/#p123 and checks the Content-Type of the entity returned to make sure it is text of some sort."
For display purposes, the content-type should also be passed into the $commentdata for use in preprocessing.
The current code goes through the remote source replacing possible links to content to generate an except. However, while the specification only notes retrieving an 'extract of the page content surrounding the link' as an example of content that might be retrieved, and says nothing about display and most people agree the [...] excerpt display isn't exactly attractive.
The code should verify the source on a plaintext level before anything else and fail immediately, then pass the result of that, along with the source and the retrieved content-type to a filter for more complicated checks if needed. For example, checking to see if it is in proper HTML format(link in a href or some other proper link type).
We treat pingbacks as a comment type, but pingbacks are generated based on the source provided.
Related: #34419