From 74b76ac1758a066892c6fc530acfcde29319ee9a Mon Sep 17 00:00:00 2001
From: Daniel Supernault <danielsupernault@gmail.com>
Date: Sun, 23 Jun 2019 23:31:07 -0600
Subject: [PATCH] Update PrivacySettings

---
 app/Http/Controllers/Settings/PrivacySettings.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/app/Http/Controllers/Settings/PrivacySettings.php b/app/Http/Controllers/Settings/PrivacySettings.php
index d3283c921..8e987ab68 100644
--- a/app/Http/Controllers/Settings/PrivacySettings.php
+++ b/app/Http/Controllers/Settings/PrivacySettings.php
@@ -10,6 +10,7 @@ use App\Profile;
 use App\User;
 use App\UserFilter;
 use App\Util\Lexer\PrettyNumber;
+use App\Util\ActivityPub\Helpers;
 use Auth, Cache, DB;
 use Illuminate\Http\Request;
 
@@ -134,9 +135,13 @@ trait PrivacySettings
     public function blockedInstanceStore(Request $request)
     {
         $this->validate($request, [
-            'domain' => 'required|active_url'
+            'domain' => 'required|url|min:1|max:120'
         ]);
         $domain = $request->input('domain');
+        if(Helpers::validateUrl($domain) == false) {
+            return abort(400, 'Invalid domain');
+        }
+        $domain = parse_url($domain, PHP_URL_HOST);
         $instance = Instance::firstOrCreate(['domain' => $domain]);
         $filter = new UserFilter;
         $filter->user_id = Auth::user()->profile->id;