From c2f74d49cbb49c3b201ff528491efc39367c8080 Mon Sep 17 00:00:00 2001
From: "Alexander A. Klimov" <alexander.klimov@icinga.com>
Date: Tue, 16 Jan 2018 15:40:08 +0100
Subject: [PATCH] InternalUrlValidator: prevent circumvention by URLs on the
 same VHost

---
 library/Icinga/Web/Form/Validator/InternalUrlValidator.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/Icinga/Web/Form/Validator/InternalUrlValidator.php b/library/Icinga/Web/Form/Validator/InternalUrlValidator.php
index 07726824a..424e77ff8 100644
--- a/library/Icinga/Web/Form/Validator/InternalUrlValidator.php
+++ b/library/Icinga/Web/Form/Validator/InternalUrlValidator.php
@@ -16,7 +16,7 @@ class InternalUrlValidator extends Zend_Validate_Abstract
      */
     public function isValid($value)
     {
-        if (Url::fromPath($value)->isExternal()) {
+        if (Url::fromPath($value)->getRelativeUrl() === '') {
             $this->_error('IS_EXTERNAL');
 
             return false;