search

jprieton / timthumb

Automatically exported from code.google.com/p/timthumb
0 stars 0 forks source link

You may not fetch images from that site. To enable this site in timthumb, you can either add it to $ALLOWED_SITES and set ALLOW_EXTERNAL=true. Or you can set ALLOW_ALL_EXTERNAL_SITES=true, depending on your security needs. #406

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
Hello, I am experiencing a very long load time for a website I'm building. I 
think I've narrowed the problem down to my timthumb getting hung up on trying 
to fetch images from external sites. 

Here's the message I'm getting:

"You may not fetch images from that site. To enable this site in timthumb, you 
can either add it to $ALLOWED_SITES and set ALLOW_EXTERNAL=true. Or you can set 
ALLOW_ALL_EXTERNAL_SITES=true, depending on your security needs."

I have attached the timthumb.php file and also an image that shows what I'm 
seeing. 

I would like to set ALLOW_ALL_EXTERNAL_SITES=true. Can someone tell me what 
line this is located in or even change it for me?

Original issue reported on code.google.com by ca...@producerlabs.com on 21 Oct 2012 at 2:51

Attachments:

GoogleCodeExporter commented 8 years ago 
For security reasons it is better to add the particular site you are pulling 
images from to the allowed site list starting at line 125

If you don't mind opening up your site to hacks like the Pharma hack then you 
need to set the line 33 to "true"

33 define ('ALLOW_ALL_EXTERNAL_SITES', false); 

The other thing to consider is the external site might have hot linking 
blocked. Make up a simple test page that uses an example image from the site in 
question and see if it show up on the page. If you get an error or the image 
doesn't show on the page then that site might have linking blocked

Original comment by voncadf...@gmail.com on 25 Oct 2012 at 5:54

GoogleCodeExporter commented 8 years ago

Original comment by BinaryMoon on 4 Dec 2012 at 9:27

GoogleCodeExporter commented 8 years ago 
ALLOW_EXTERNAL not working!

stopped by line

echo $imgData;
return false;
exit(0);

and not requests data from the array (ALLOW_EXTERNAL)

Original comment by xjiopka on 2 Feb 2013 at 9:10

GoogleCodeExporter commented 8 years ago 
solved!
define ('ALLOW_ALL_EXTERNAL_SITES', false);
thanks guys

Original comment by paulus.yansen on 17 Jun 2014 at 10:07