Trim URL in StringUtil::getAnchorTag()

The regular expressions won’t match with a space in front of the URL, this, for example, allows circumvention of the external URL check.

diff --git a/wcfsetup/install/files/lib/util/StringUtil.class.php b/wcfsetup/install/files/lib/util/StringUtil.class.php
index 5cd0acfecf1f96f00b79396eb87d1b27ea1c1951..d45e02506b739b0844f2fc7383b0768ff931a4a5 100644 (file)
--- a/wcfsetup/install/files/lib/util/StringUtil.class.php
+++ b/wcfsetup/install/files/lib/util/StringUtil.class.php
@@ -740,6 +740,8 @@ final class StringUtil {
         * @return      string          anchor tag
         */
        public static function getAnchorTag($url, $title = '', $encodeTitle = true) {
+               $url = self::trim($url);
+               
                $external = true;
                if (ApplicationHandler::getInstance()->isInternalURL($url)) {
                        $external = false;