From ff16fd7d9c5cd34fb80f6e6be807148d708e6650 Mon Sep 17 00:00:00 2001
From: Jake Barnby
Date: Wed, 30 Aug 2023 02:14:19 -0400
Subject: [PATCH] Check link after fetching page as well
---
 app/controllers/api/avatars.php | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/app/controllers/api/avatars.php b/app/controllers/api/avatars.php
index b92943acbb..3b93348643 100644
--- a/app/controllers/api/avatars.php
+++ b/app/controllers/api/avatars.php
@@ -412,6 +412,12 @@ App::get('/v1/avatars/favicon')
 $outputExt = 'ico';
 }
+ $domain = new Domain(\parse_url($outputHref, PHP_URL_HOST));
+
+ if (!$domain->isKnown()) {
+ throw new Exception(Exception::AVATAR_REMOTE_URL_FAILED);
+ }
+
 if ('ico' == $outputExt) { // Skip crop, Imagick isn\'t supporting icon files
 $data = @\file_get_contents($outputHref, false);
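Review bot: The new `isKnown()` guard validates only the host string parsed from `$outputHref`, while the `@\file_get_contents($outputHref, false)` call just below it uses PHP's default HTTP stream settings, which follow redirects, so the host that is finally contacted is never re-checked. Assuming `Domain::isKnown()` is a name-based check (its implementation is not visible here), I would also disable redirects for this fetch, e.g. `$ctx = \stream_context_create(['http' => ['follow_location' => 0]]);` passed as the third argument, and confirm that `$outputHref` uses `http` or `https` before fetching. `\parse_url(..., PHP_URL_HOST)` returns `null` for a URL without a host and `false` for a malformed one, so that case deserves an explicit rejection before `new Domain(...)` rather than relying on the constructor. The enclosing route handler starts and ends outside this hunk, so a scheme or redirect policy may already exist there.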