summaryrefslogtreecommitdiff
path: root/classes/Feeds.php
diff options
context:
space:
mode:
Diffstat (limited to 'classes/Feeds.php')
-rw-r--r--classes/Feeds.php7
1 files changed, 6 insertions, 1 deletions
diff --git a/classes/Feeds.php b/classes/Feeds.php
index 1900b40f1..e76044060 100644
--- a/classes/Feeds.php
+++ b/classes/Feeds.php
@@ -999,7 +999,7 @@ class Feeds extends Handler_Protected {
* Here you should call extractfeedurls in rpc-backend
* to get all possible feeds.
* 5 - Couldn't download the URL content.
- * 6 - currently unused
+ * 6 - Feed parsing failure (invalid content)
* 7 - Error while creating feed database entry.
* 8 - Permission denied (ACCESS_LEVEL_READONLY).
*/
@@ -1059,6 +1059,11 @@ class Feeds extends Handler_Protected {
$url = key($feedUrls);
}
+ // Don't allow subscribing if the content is invalid
+ $fp = new FeedParser($contents);
+ if ($fp->error() || $fp->get_type() === FeedParser::FEED_UNKNOWN)
+ return ['code' => 6, 'message' => truncate_string(clean($contents), 250, '…')];
+
$feed = ORM::for_table('ttrss_feeds')
->where('feed_url', $url)
->where('owner_uid', $_SESSION['uid'])
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-11-14 17:46:50 +0000