X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/a17be959d8b148f439305498ada0babd1b0ca2c7..refs/pull/3247/head:/app/Entities/Tools/PageContent.php diff --git a/app/Entities/Tools/PageContent.php b/app/Entities/Tools/PageContent.php index b1323bc68..b95131fce 100644 --- a/app/Entities/Tools/PageContent.php +++ b/app/Entities/Tools/PageContent.php @@ -12,6 +12,8 @@ use BookStack\Uploads\ImageRepo; use BookStack\Uploads\ImageService; use BookStack\Util\HtmlContentFilter; use DOMDocument; +use DOMElement; +use DOMNode; use DOMNodeList; use DOMXPath; use Illuminate\Support\Str; @@ -135,6 +137,12 @@ class PageContent return ''; } + // Validate that the content is not over our upload limit + $uploadLimitBytes = (config('app.upload_limit') * 1000000); + if (strlen($imageInfo['data']) > $uploadLimitBytes) { + return ''; + } + // Save image from data with a random name $imageName = 'embedded-image-' . Str::random(8) . '.' . $imageInfo['extension']; @@ -150,7 +158,7 @@ class PageContent /** * Parse a base64 image URI into the data and extension. * - * @return array{extension: array, data: string} + * @return array{extension: string, data: string} */ protected function parseBase64ImageUri(string $uri): array { @@ -187,6 +195,15 @@ class PageContent } } + // Set ids on nested header nodes + $nestedHeaders = $xPath->query('//body//*//h1|//body//*//h2|//body//*//h3|//body//*//h4|//body//*//h5|//body//*//h6'); + foreach ($nestedHeaders as $nestedHeader) { + [$oldId, $newId] = $this->setUniqueId($nestedHeader, $idMap); + if ($newId && $newId !== $oldId) { + $this->updateLinks($xPath, '#' . $oldId, '#' . $newId); + } + } + // Ensure no duplicate ids within child items $idElems = $xPath->query('//body//*//*[@id]'); foreach ($idElems as $domElem) { @@ -222,9 +239,9 @@ class PageContent * A map for existing ID's should be passed in to check for current existence. * Returns a pair of strings in the format [old_id, new_id]. */ - protected function setUniqueId(\DOMNode $element, array &$idMap): array + protected function setUniqueId(DOMNode $element, array &$idMap): array { - if (get_class($element) !== 'DOMElement') { + if (!$element instanceof DOMElement) { return ['', '']; } @@ -236,7 +253,7 @@ class PageContent return [$existingId, $existingId]; } - // Create an unique id for the element + // Create a unique id for the element // Uses the content as a basis to ensure output is the same every time // the same content is passed through. $contentId = 'bkmrk-' . mb_substr(strtolower(preg_replace('/\s+/', '-', trim($element->nodeValue))), 0, 20); @@ -306,7 +323,7 @@ class PageContent */ protected function headerNodesToLevelList(DOMNodeList $nodeList): array { - $tree = collect($nodeList)->map(function ($header) { + $tree = collect($nodeList)->map(function (DOMElement $header) { $text = trim(str_replace("\xc2\xa0", '', $header->nodeValue)); $text = mb_substr($text, 0, 100); @@ -384,7 +401,7 @@ class PageContent */ protected function fetchSectionOfPage(Page $page, string $sectionId): string { - $topLevelTags = ['table', 'ul', 'ol']; + $topLevelTags = ['table', 'ul', 'ol', 'pre']; $doc = $this->loadDocumentFromHtml($page->html); // Search included content for the id given and blank out if not exists.