Compare end of domains when checking known SSL whitelist.

For example: "imgur.com.mysite.com" should not match the "imgur.com" whitelist entry.

diff --git a/plugins/af_zz_imgproxy/init.php b/plugins/af_zz_imgproxy/init.php
index 5fab3b7b8940df1461584524de1e03359f536eff..8419b8a8747ca8221c92500d698f9db8dcb721f6 100644 (file)
--- a/plugins/af_zz_imgproxy/init.php
+++ b/plugins/af_zz_imgproxy/init.php
@@ -124,7 +124,7 @@ class Af_Zz_ImgProxy extends Plugin {
                                $parts = parse_url($url);
 
                                foreach (explode(" " , $this->ssl_known_whitelist) as $host) {
-                                       if (strpos($parts['host'], $host) !== FALSE) {
+                                       if (substr(strtolower($parts['host']), -strlen($host)) === strtolower($host)) {
                                                $parts['scheme'] = 'https';
 
                                                return build_url($parts);