From 714de58180072a5563ae1f3d96b8697892f20506 Mon Sep 17 00:00:00 2001
From: Martin Herkt <lachs0r@srsfckn.biz>
Date: Sun, 1 Jan 2017 21:03:38 +0100
Subject: add more URL validation

Turns out ShareX users and shell script authors are fucking retarded.
---
 fhost.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fhost.py b/fhost.py
index 4874196..48a0c93 100755
--- a/fhost.py
+++ b/fhost.py
@@ -107,7 +107,7 @@ def shorten(url):
     if len(url) > app.config["MAX_URL_LENGTH"]:
         abort(414)
 
-    if not url_valid(url) or is_fhost_url(url):
+    if not url_valid(url) or is_fhost_url(url) or "\n" in url:
         abort(400)
 
     existing = URL.query.filter_by(url=url).first()
-- 
cgit v1.2.3