diff --git a/include/class.format.php b/include/class.format.php
index 2357e45e5583990767b37298d5dd6ced66517fed..b1bc85b68921e16cd656da461cb5e70f9c93f122 100644
--- a/include/class.format.php
+++ b/include/class.format.php
@@ -345,19 +345,17 @@ class Format {
 }
 
 //make urls clickable. Mainly for display
- function clickableurls($text, $trampoline=true) {
+ function clickableurls($text, $target='_blank') {
 global $ost;
 
- $token = $ost->getLinkToken();
-
 // Find all text between tags
 $text = preg_replace_callback(':^[^<]+|>[^<]+:',
- function($match) use ($token, $trampoline) {
+ function($match) {
 // Scan for things that look like URLs
 return preg_replace_callback(
 '`(?<!>)(((f|ht)tp(s?)://|(?<!//)www\.)([-+~%/.\w]+)(?:[-?#+=&;%@.\w]*)?)'
 .'|(\b[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,4})`',
- function ($match) use ($token, $trampoline) {
+ function ($match) {
 if ($match[1]) {
 while (in_array(substr($match[1], -1),
 array('.','?','-',':',';'))) {
@@ -367,13 +365,9 @@ class Format {
 if (strpos($match[2], '//') === false) {
 $match[1] = 'http://' . $match[1];
 }
- if ($trampoline)
- return '<a href="l.php?url='.urlencode($match[1])
- .sprintf('&auth=%s" target="_blank">', $token)
- .$match[1].'</a>'.$match[9];
- else
- return sprintf('<a href="%s">%s</a>%s',
- $match[1], $match[1], $match[9]);
+
+ return sprintf('<a href="%s">%s</a>%s',
+ $match[1], $match[1], $match[9]);
 } elseif ($match[6]) {
 return sprintf('<a href="mailto:%1$s" target="_blank">%1$s</a>',
 $match[6]);
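Review bot: The second positional argument of `clickableurls()` changes meaning here from a boolean `$trampoline` to a string `$target`, so any caller outside this diff that still passes `false` or `true` would have that value written into the `target` attribute by the `hook_tag` closure. The `class.thread.php` call is updated in this commit; other callers are not visible, so a guard such as `if (!is_string($target)) $target = '_blank';` at the top of the function would keep old call sites harmless. `global $ost;` also looks unused in the visible lines now that `$token = $ost->getLinkToken();` is gone, and could be dropped if nothing further down needs it. The function body runs past the end of this hunk.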
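Review bot: The anchor built in the `if ($match[1])` branch puts `$match[1]` into `href` and into the link text with no escaping, and after this change it is the only path, so its safety rests entirely on the URL pattern earlier in the function admitting no quote or angle-bracket characters and only http, https, ftp or www prefixes. I would record that dependence with a comment above the `sprintf`, for example `// $match[1] comes from the URL regex above (no quotes or <>); escape here if that pattern is ever widened`. The `mailto:` branch below still hard-codes `target="_blank"` while this branch emits no target, so the new `$target` argument only reaches these anchors if they later pass through `hook_tag`, which these lines do not show. The enclosing closures start before this hunk.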
@@ -386,35 +380,20 @@ class Format {
 // Now change @href and @src attributes to come back through our
 // system as well
 $config = array(
- 'hook_tag' => function($e, $a=0) use ($token) {
+ 'hook_tag' => function($e, $a=0) use ($target) {
 static $eE = array('area'=>1, 'br'=>1, 'col'=>1, 'embed'=>1,
 'hr'=>1, 'img'=>1, 'input'=>1, 'isindex'=>1, 'param'=>1);
 if ($e == 'a' && $a) {
- if (isset($a['href'])
- && strpos($a['href'], 'mailto:') !== 0
- && strpos($a['href'], 'l.php?') === false)
- $a['href'] = 'l.php?url='.urlencode($a['href'])
- .'&auth='.$token;
- // ALL link targets open in a new tab
- $a['target'] = '_blank';
+ $a['target'] = $target;
 $a['class'] = 'no-pjax';
 }
- // Images which are external are rewritten to <div
- // data-src='url...'/>
- elseif ($e == 'span' && $a && isset($a['data-src']))
- $a['data-src'] = 'l.php?url='.urlencode($a['data-src'])
- .'&auth='.$token;
- // URLs for videos need to route too
- elseif ($e == 'iframe' && $a && isset($a['src']))
- $a['src'] = 'l.php?url='.urlencode($a['src'])
- .'&auth='.$token;
+
 $at = '';
 if (is_array($a)) {
 foreach ($a as $k=>$v)
 $at .= " $k=\"$v\"";
 return "<{$e}{$at}".(isset($eE[$e])?" /":"").">";
- }
- else {
+ } else {
 return "</{$e}>";
 }
 },
diff --git a/include/class.thread.php b/include/class.thread.php
index aa1404d26a8d976bce599bced64e05ce0632b0d6..b6fcf78c304d5c466269213b594f4baa16dae1e4 100644
--- a/include/class.thread.php
+++ b/include/class.thread.php
@@ -1467,7 +1467,7 @@ class HtmlThreadBody extends ThreadBody {
 case 'email':
 return $this->body;
 case 'pdf':
- return Format::clickableurls($this->body, false);
+ return Format::clickableurls($this->body);
 default:
 return Format::display($this->body);
 }
diff --git a/l.php b/l.php
deleted file mode 100644
index a0520a8cbba31e26cd743e3e9546aebd329e0131..0000000000000000000000000000000000000000
--- a/l.php
+++ /dev/null
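Review bot: The `hook_tag` closure now leaves every `href` pointing straight at the remote site and still sets `target`, but it adds no `rel` attribute, so a link opened from a ticket can send the helpdesk page URL in the Referer header and, in browsers that do not imply noopener for `_blank`, give the opened page a `window.opener` handle. I would add `$a['rel'] = 'noopener noreferrer';` beside `$a['target'] = $target;`, unless a Referrer-Policy is set elsewhere, which these lines do not show. `$target` is also written into the tag by `$at .= " $k=\"$v\""` without escaping, so it should stay a fixed literal chosen by the caller and never come from request data. The `$config` array continues past the end of the hunk.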
@@ -1,36 +0,0 @@
-<?php
-/*********************************************************************
- l.php
-
- Link redirection
-
- Jared Hancock <jared@osticket.com>
- Copyright (c) 2006-2013 osTicket
- http://www.osticket.com
-
- Released under the GNU General Public License WITHOUT ANY WARRANTY.
- See LICENSE.TXT for details.
-
- vim: expandtab sw=4 ts=4 sts=4:
-**********************************************************************/
-require 'secure.inc.php';
-//Basic url validation + token check.
-
-# PHP < 5.4.7 will not handle a URL like //host.tld/path correctly
-if (!($url=trim($_GET['url'])))
- Http::response(422, __('Invalid URL'));
-
-$check = (strpos($url, '//') === 0) ? 'http:' . $url : $url;
-if (!Validator::is_url($check) || !$ost->validateLinkToken($_GET['auth']))
- Http::response(403, __('URL link not authorized'));
-elseif (strpos($_SERVER['HTTP_ACCEPT'], 'text/html') === false)
- Http::redirect($url);
-?>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
-<html>
-<head>
- <meta http-equiv="content-type" content="text/html; charset=utf-8"/>
- <meta http-equiv="refresh" content="0;URL=<?php echo $url; ?>"/>
-</head>
-<body/>
-</html>
diff --git a/scp/l.php b/scp/l.php
deleted file mode 100644
index ec4705a0f2763101c2ac2b1b96c3af174793316a..0000000000000000000000000000000000000000
--- a/scp/l.php
+++ /dev/null
@@ -1,36 +0,0 @@
-<?php
-/*********************************************************************
- l.php
-
- Link redirection
-
- Jared Hancock <jared@osticket.com>
- Copyright (c) 2006-2013 osTicket
- http://www.osticket.com
-
- Released under the GNU General Public License WITHOUT ANY WARRANTY.
- See LICENSE.TXT for details.
-
- vim: expandtab sw=4 ts=4 sts=4:
-**********************************************************************/
-require_once 'staff.inc.php';
-//Basic url validation + token check.
-
-# PHP < 5.4.7 will not handle a URL like //host.tld/path correctly
-if (!($url=trim($_GET['url'])))
- Http::response(422, __('Invalid URL'));
-
-$check = (strpos($url, '//') === 0) ? 'http:' . $url : $url;
-if (!Validator::is_url($check) || !$ost->validateLinkToken($_GET['auth']))
- Http::response(403, __('URL link not authorized'));
-elseif (strpos($_SERVER['HTTP_ACCEPT'], 'text/html') === false)
- Http::redirect($url);
-?>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
-<html>
-<head>
- <meta http-equiv="content-type" content="text/html; charset=utf-8"/>
- <meta http-equiv="refresh" content="0;URL=<?php echo $url; ?>"/>
-</head>
-<body/>
-</html>