From f4817cf4f50a5d95fb64201b8bbe8988af44c4bf Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?= <duesterhus@woltlab.com>
Date: Thu, 18 Mar 2021 11:51:22 +0100
Subject: [PATCH] Use RedirectGuard during URL unfurling

---
 .../files/lib/system/message/unfurl/UnfurlResponse.class.php  | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/wcfsetup/install/files/lib/system/message/unfurl/UnfurlResponse.class.php b/wcfsetup/install/files/lib/system/message/unfurl/UnfurlResponse.class.php
index 85f4102158..f53b8c0cf4 100644
--- a/wcfsetup/install/files/lib/system/message/unfurl/UnfurlResponse.class.php
+++ b/wcfsetup/install/files/lib/system/message/unfurl/UnfurlResponse.class.php
@@ -10,6 +10,7 @@ use GuzzleHttp\Psr7\Request;
 use GuzzleHttp\Psr7\Response;
 use GuzzleHttp\RequestOptions;
 use Psr\Http\Client\ClientExceptionInterface;
+use wcf\system\io\http\RedirectGuard;
 use wcf\system\io\HttpFactory;
 use wcf\system\message\unfurl\exception\DownloadFailed;
 use wcf\system\message\unfurl\exception\ParsingFailed;
@@ -329,6 +330,9 @@ final class UnfurlResponse
                 RequestOptions::HEADERS => [
                     'user-agent' => HttpFactory::getDefaultUserAgent("UrlUnfurling"),
                 ],
+                RequestOptions::ALLOW_REDIRECTS => [
+                    'on_redirect' => new RedirectGuard(),
+                ],
             ]);
         }
 
-- 
2.20.1