LDAP: Added TLS support

[bookstack] / app / Providers / AppServiceProvider.php

diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php
index b46a716cc4e0e985b287f233437b66eafcca7357..f418153997286e5636e754279be147e753171ec7 100644 (file)
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@@ -34,7 +34,7 @@ class AppServiceProvider extends ServiceProvider
 
         // Custom validation methods
         Validator::extend('image_extension', function ($attribute, $value, $parameters, $validator) {
-            $validImageExtensions = ['png', 'jpg', 'jpeg', 'bmp', 'gif', 'tiff', 'webp'];
+            $validImageExtensions = ['png', 'jpg', 'jpeg', 'gif', 'webp'];
             return in_array(strtolower($value->getClientOriginalExtension()), $validImageExtensions);
         });
 
@@ -43,12 +43,19 @@ class AppServiceProvider extends ServiceProvider
             return substr_count($uploadName, '.') < 2;
         });
 
+        Validator::extend('safe_url', function ($attribute, $value, $parameters, $validator) {
+            $cleanLinkName = strtolower(trim($value));
+            $isJs = strpos($cleanLinkName, 'javascript:') === 0;
+            $isData = strpos($cleanLinkName, 'data:') === 0;
+            return !$isJs && !$isData;
+        });
+
         // Custom blade view directives
         Blade::directive('icon', function ($expression) {
             return "<?php echo icon($expression); ?>";
         });
 
-        Blade::directive('exposeTranslations', function($expression) {
+        Blade::directive('exposeTranslations', function ($expression) {
             return "<?php \$__env->startPush('translations'); ?>" .
                 "<?php foreach({$expression} as \$key): ?>" .
                 '<meta name="translation" key="<?php echo e($key); ?>" value="<?php echo e(trans($key)); ?>">' . "\n" .