1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Duplicate [1.2.5] Steam/TS3 protocol links automatically have http:// prepended which breaks them

Discussion in 'Resolved Bug Reports' started by theirongiant, Mar 3, 2014.

  1. theirongiant

    theirongiant New Member

    Putting a steam link in a post (i.e. steam://connect/ breaks because it's automatically changed to http://steam://connect/
    Same with teamspeak3 links

    Adding the bolded text in the following files will fix it:

    Line 1319: else if (!val.match(/^https?:|steam:|ts3server:|ftp:/i))
    NB: a minified version of the edited file should be saved to js/xenforo/

    Line 811: if (preg_match('#^(https?|ftp|steam|ts3server)://#i', $url))

    Line 136: '#(?<=[^a-z0-9@-]|^)(https?://|ftp://|steam://|ts3server://|www\.)[^\s"]+#i',

    Line 238: '#(?<=[^a-z0-9@-]|^)(https?://|ftp://|steam://|ts3server://|www\.)[^\s"]+#i',

    Line 476: if (preg_match('#^(https?|steam|ts3server|ftp)://#i', $url))
    Last edited: Mar 3, 2014
    alksandr likes this.
  2. theirongiant

    theirongiant New Member

    Apologies, I've just noticed that someone else had asked this question and it had been moved to resolved and marked 'as designed' with security issues given as the reason. Are there any security implications with the fix I've given?
  3. Ralle

    Ralle Active Member

    As long as it is a whitelist and not a wildcard before the :// there should be no issues except for the fact that the guys have to maintain a big list of "protocols".
  4. silence

    silence Well-Known Member

    Ugh there needs to be a better way :(

Share This Page