From 532d86832cd2ce80a5c7889d689af95ef6378bf9 Mon Sep 17 00:00:00 2001
From: Sven Slootweg <jamsoftgamedev@gmail.com>
Date: Sat, 9 Feb 2013 15:07:43 +0100
Subject: [PATCH] Patch for cURL RCE vuln

---
 public_html/include/include.curl.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/public_html/include/include.curl.php b/public_html/include/include.curl.php
index 125e25f..1496d66 100755
--- a/public_html/include/include.curl.php
+++ b/public_html/include/include.curl.php
@@ -35,6 +35,7 @@ function curl_head($url)
 	curl_setopt($ch, CURLOPT_NOBODY, 1);
 	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 	curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 3);
+	curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
 	curl_setopt($ch, CURLOPT_USERAGENT, 'AnonNews/2.0 Link Validator - http://www.anonnews.org/');
 	$return_object->result = curl_exec($ch);
 	$error = curl_error($ch); 
@@ -69,6 +70,7 @@ function curl_get($url)
 	curl_setopt($ch, CURLOPT_URL, $url);
 	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 	curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 3);
+	curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
 	curl_setopt($ch, CURLOPT_USERAGENT, 'AnonNews/2.0 Link Validator (Title Fetcher) - http://www.anonnews.org/');
 	$return_object->result = curl_exec($ch);
 	$error = curl_error($ch);