process_media_source() string replacement breaks styles registered with "../" in path

[px-progers]

I'm running up against an issue where minification does not work for plugins who register styles with "../" in their path.

One plugin in particular that does this, is Ultimate VC Addons. The enqueue/register functions look like:

wp_enqueue_style("ult-icons", plugins_url("../assets/css/icons.css",__FILE__));

This shows up in the bwp enqueued styles list as:

wp-content/plugins/Ultimate_VC_Addons/modules/./assets/css/icons.css`

Which causes the request to look like

http://domain.tld/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/Ultimate_VC_Addons/modules/./assets/css/icons.css

Resulting in the minification error:

Minify The path "/home/vagrant/domain.tld/wordpress/wp-content/plugins/Ultimate_VC_Addons/modules/./assets/css/icons.css" (realpath "") could not be found (or was not a file) /home/vagrant/domain.tld/wordpress/wp-content/plugins/bwp-minify/min/lib/FirePHP.php:387

I have traced this down to the string replace function in class-bwp-minify.php:2679:

$src = str_replace('./', '/', $src);

Commenting out this line resolves the issue, and minifies the script as desired with no error.

Resolves: https://wordpress.org/support/topic/urls-with-parent-directory-references-break https://wordpress.org/support/topic/plugin-breaks-link-path?replies=1#post-8259533

[kminh]

Thanks for reporting. This was done to make sure the source is valid for Minify, but I guess we need a better method.

[mootari]

May I suggest:

$src = preg_replace('#(^|/)\./#', '/', $src);

Also, Minify is sanitizing paths via realpath() anyway (in Controller/Files.php), so I'm not quite sure why this is necessary.