Add feed can read arbitrary files on server

Question

Add feed can read arbitrary files on server

Closed this issue 13 years ago · 3 comments

Answer 1 · 2011-12-20T22:22:15.000Z

Switch add feed to use curl and restrict the protocols it can use

Answer 2 · 2012-01-06T20:25:41.000Z

Committed potential fix using regular expressions and dns lookups. Needs testing to make sure everything works. A better solution in the long term may be to fork simplepie and implement limitations on what it will read.

Answer 3 · 2012-01-25T02:08:25.000Z

Modified SimplePie to provide better fix. Can now call $pie->force_remote(true) to restrict SimplePie from reading local files.
987546a