SSRF issue on postload.php #84

@ghost

Description

Since an arbitrary $_GET['url'] can be passed to postload.php, it's possible to force the server to perform arbitrary HTTP GET requests and hit potentially restricted services.

I guess we should ensure that the parameter is present in the OPML file before trying to fetch the feed.
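
One way to implement the check proposed above, as an added example that is not code from this issue or from the project: the requested URL is accepted only if it exactly matches an `xmlUrl` declared in the OPML file. The function names `opml_feed_urls` and `is_subscribed_feed`, the sample OPML and the sample requests are all constructed for illustration.

```php
<?php
// Added example (hypothetical helper names, constructed sample data).

/** Return every feed URL (xmlUrl attribute) declared in an OPML document. */
function opml_feed_urls(string $opmlXml): array
{
    if ($opmlXml === '') {
        return [];
    }
    $doc = new DOMDocument();
    // LIBXML_NONET: the parser itself must not fetch anything over the network.
    if (!@$doc->loadXML($opmlXml, LIBXML_NONET)) {
        return [];
    }
    $urls = [];
    foreach ($doc->getElementsByTagName('outline') as $outline) {
        $url = trim($outline->getAttribute('xmlUrl'));
        if ($url !== '') {
            $urls[$url] = true; // de-duplicate
        }
    }
    return array_keys($urls);
}

/** True only when the request parameter is a string listed in the OPML. */
function is_subscribed_feed($requested, array $feedUrls): bool
{
    // Rejects a missing parameter and array input such as ?url[]=...
    return is_string($requested) && in_array($requested, $feedUrls, true);
}

// Constructed OPML, including one feed nested in a folder.
$sampleOpml = <<<XML
<?xml version="1.0" encoding="UTF-8"?>
<opml version="2.0"><body>
  <outline text="Blog" type="rss" xmlUrl="https://blog.example.org/feed.xml"/>
  <outline text="Folder">
    <outline text="News" type="rss" xmlUrl="https://news.example.net/rss"/>
  </outline>
</body></opml>
XML;

$feeds = opml_feed_urls($sampleOpml);
// Constructed stand-ins for $_GET['url'] values.
$requests = ['https://blog.example.org/feed.xml', 'https://news.example.net/rss',
             'http://127.0.0.1:8080/status', 'https://blog.example.org/feed.xml?x=1'];
foreach ($requests as $r) {
    printf("%-42s %s\n", $r, is_subscribed_feed($r, $feeds) ? 'fetch' : 'reject');
}
```

The check covers only the URL in the request; if the fetch follows HTTP redirects, the redirect targets are not covered by it.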
