Wrong regular expression for external image source - Githubissues

JamesHeinrich / phpThumb

phpThumb() - The PHP thumbnail generator

Other

315 stars 98 forks source link

Wrong regular expression for external image source #154

Closed gregordonsky closed 4 years ago

gregordonsky commented 4 years ago

Please add https when checking $CanPassThroughDirectly for external source image

this line: https://github.com/JamesHeinrich/phpThumb/blob/ea233518dfb09284b5491f8e0c149eeb3399498e/phpThumb.php#L439

should be: } elseif (preg_match('#^http(s)?\://[^\\?&]+\\.(jpe?g|gif|png|webp)$#i', $phpThumb->src)) {

and this line: https://github.com/JamesHeinrich/phpThumb/blob/ea233518dfb09284b5491f8e0c149eeb3399498e/phpThumb.php#L441

should be: } elseif (preg_match('#^(f|ht)tp(s)?\://#i', $phpThumb->src)) {

Thanks!

JamesHeinrich commented 4 years ago

Thanks. Fixed in https://github.com/JamesHeinrich/phpThumb/commit/cd68d8575e3b19a6e0f48693d48be9fe2a7471d4

gregordonsky commented 4 years ago

After i looked more deeply, i found that https is missing also in lines:

https://github.com/JamesHeinrich/phpThumb/blob/ea233518dfb09284b5491f8e0c149eeb3399498e/phpThumb.php#L442

https://github.com/JamesHeinrich/phpThumb/blob/ea233518dfb09284b5491f8e0c149eeb3399498e/phpThumb.php#L460

https://github.com/JamesHeinrich/phpThumb/blob/ea233518dfb09284b5491f8e0c149eeb3399498e/phpThumb.php#L494

Thank you

JamesHeinrich commented 4 years ago

Line 442 was fixed in the previous commit, lines 460 and 494 fixed in https://github.com/JamesHeinrich/phpThumb/commit/8dd875d07ab360d9e3532607e49cc63e7aa1a520