From 2c497a9a3ea099079bbcd1eb21725b0ed54b529d Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 30 Apr 2024 15:47:57 +0200
Subject: [PATCH] Add protocol validation when downloading blocklist from URL

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 gravity.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/gravity.sh b/gravity.sh
index 636cde0d..c4622ead 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -586,6 +586,12 @@ gravity_DownloadBlocklistFromUrl() {
     fi
   fi
 
+  # Check for allowed protocols
+  if [[ $url != "http"* && $url != "https"* && $url != "file"* && $url != "ftp"* && $url != "ftps"* && $url != "sftp"* ]]; then
+    echo -e "${OVER}  ${CROSS} ${str} Invalid protocol specified, ignoring list"
+    download=false
+  fi
+
   if [[ "${download}" == true ]]; then
     # shellcheck disable=SC2086
     httpCode=$(curl --connect-timeout ${curl_connect_timeout} -s -L ${compression} ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" "${url}" -o "${listCurlBuffer}" 2> /dev/null)