Skip to content
Snippets Groups Projects
Commit 83cbb341 authored by Angie Byron's avatar Angie Byron
Browse files

Issue #2096855 by zero2one: Fixed FilterHtmlImageSecure does not support... 

Issue #2096855 by zero2one: Fixed FilterHtmlImageSecure does not support images with spaces in the filename.
parent 1cdfe372
No related branches found
No related tags found
2 merge requests!7452Issue #1797438. HTML5 validation is preventing form submit and not fully...,!789Issue #3210310: Adjust Database API to remove deprecated Drupal 9 code in Drupal 10
Hide whitespace changes
Inline Side-by-side
core/modules/filter/filter.module
+ 1
0
View file @ 83cbb341
......@@ -1391,6 +1391,7 @@ function _filter_html_image_secure_process($text) {
// Ensure the path refers to an actual image by prefixing the image source
// with the Drupal root and running getimagesize() on it.
$local_image_path = $local_dir . drupal_substr($src, $base_path_length);
$local_image_path = rawurldecode($local_image_path);
if (@getimagesize($local_image_path)) {
// The image has the right path. Erroneous images are dealt with below.
continue;
......
core/modules/filter/lib/Drupal/filter/Tests/FilterHtmlImageSecureTest.php
+ 8
0
View file @ 83cbb341
......@@ -94,6 +94,12 @@ function testImageSource() {
$test_images = $this->drupalGetTestFiles('image');
$test_image = $test_images[0]->filename;
// Put a test image in the files directory with special filename.
$special_filename = 'tést fïle nàme.png';
$special_image = rawurlencode($special_filename);
$special_uri = str_replace($test_images[0]->filename, $special_filename, $test_images[0]->uri);
file_unmanaged_copy($test_images[0]->uri, $special_uri);
// Create a list of test image sources.
// The keys become the value of the IMG 'src' attribute, the values are the
// expected filter conversions.
......@@ -111,6 +117,8 @@ function testImageSource() {
$files_path . '/' . $test_image => $files_path . '/' . $test_image,
$http_base_url . '/' . $public_files_path . '/' . $test_image => $files_path . '/' . $test_image,
$https_base_url . '/' . $public_files_path . '/' . $test_image => $files_path . '/' . $test_image,
$http_base_url . '/' . $public_files_path . '/' . $special_image => $files_path . '/' . $special_image,
$https_base_url . '/' . $public_files_path . '/' . $special_image => $files_path . '/' . $special_image,
$files_path . '/example.png' => $red_x_image,
'http://example.com/' . $druplicon => $red_x_image,
'https://example.com/' . $druplicon => $red_x_image,
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment