<?php
function urlWhitelisted($url)
{
$always_allowed = array('localhost');
$whitelisted_domains = array_merge(array('somedomain.com'), $always_allowed);
// partly snatched from https://gist.github.com/mjangda/1623788
// Add http if missing(to satisfy parse_url())
if (strpos($url, "/") !== 0 && strpos($url, "http") !== 0) {
$url = 'http://' . $url;
}
$domain = parse_url($url, PHP_URL_HOST);
if (strpos($url, "/") === 0 || in_array($domain, $whitelisted_domains)) {
return true;
}
foreach ($whitelisted_domains as $whitelisted_domain) {
$whitelisted_domain = '.' . $whitelisted_domain;
if (strpos($domain, $whitelisted_domain) === (strlen($domain) - strlen($whitelisted_domain))) {
return true;
}
}
return false;
}
$domains = array('/user', 'localhost/user', 'http://localhost:4039', 'http://somedomain.com/user', 'http://google.com', 'google.com', 'somedomain.com.google.com', '()786754iusdafbiu767566&%€#');
foreach($domains as $domain) {
var_dump(urlWhitelisted($domain));
}
preferences:
49.56 ms | 402 KiB | 5 Q