openbasedir restrictions throws exception with is_file()

matthiasmullie / minify

CSS & JavaScript minifier, in PHP. Removes whitespace, strips comments, combines files (incl. @import statements and small assets in CSS files), and optimizes/shortens a few common programming patterns.

MIT License

1.97k stars 309 forks source link

Context: I only pass local CSS files to Minify, all of them allowed by openbasedir.

Minify scans the contents of the CSS files, and runs is_file() on base64 encoded contents and other stuff contained within the CSS files.

Examples :

'500 is_file(): open_basedir restriction in effect. File(/#default#VML) is not within the allowed path(s): (REDACTED) at line 461 in /var/www/domains/REDACTED/matthiasmullie/minify/src/Minify.php',
500 is_file(): open_basedir restriction in effect. File(/data:application/x-font-ttf;charset=utf-8;base64,AAEAAAALA[...]AAAAAA=) is not within the allowed path(s): (REDACTED) at line 504 in /var/www/REDACTED/matthiasmullie/minify/src/Minify.php',

Expected behavior :

Minify should either catch these exceptions or use an intermediary function to check if it looks like an actual filename

matthiasmullie / minify

openbasedir restrictions throws exception with is_file() #417