X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/c429cf78187e80deb63982a282a1c6889f30291a..refs/pull/3032/head:/app/Uploads/ImageRepo.php
diff --git a/app/Uploads/ImageRepo.php b/app/Uploads/ImageRepo.php
index 115078561..694560a14 100644
--- a/app/Uploads/ImageRepo.php
+++ b/app/Uploads/ImageRepo.php
@@ -16,6 +16,8 @@ class ImageRepo
 protected $restrictionService;
 protected $page;
 
+ protected static $supportedExtensions = ['jpg', 'jpeg', 'png', 'gif', 'webp'];
+
 /**
 * ImageRepo constructor.
 */
@@ -31,6 +33,16 @@ class ImageRepo
 $this->page = $page;
 }
 
+ /**
+ * Check if the given image extension is supported by BookStack.
+ * The extension must not be altered in this function. This check should provide a guarantee
+ * that the provided extension is safe to use for the image to be saved.
+ */
+ public function imageExtensionSupported(string $extension): bool
+ {
+ return in_array($extension, static::$supportedExtensions);
+ }
+
 /**
 * Get an image with the given id.
 */
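Review bot: The allowlist added in the first hunk, `$supportedExtensions`, is a `protected static` property, so it can be reassigned at runtime or widened by a subclass, and the new check reads it through `static::`. Since the second hunk's docblock presents the check as a guarantee, an immutable class constant fits better: `protected const SUPPORTED_EXTENSIONS = ['jpg', 'jpeg', 'png', 'gif', 'webp'];`, read as `self::SUPPORTED_EXTENSIONS`. The class body continues outside the hunk, so other readers of the property are not visible here.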
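Review bot: `in_array()` in `imageExtensionSupported()` is called without the strict flag, so the allowlist match uses loose comparison; pass the third argument, `return in_array($extension, static::$supportedExtensions, true);`. The match is case-sensitive, so `JPG` is rejected unless the caller lowercases first. Because the docblock says the extension must not be altered here, it should also state that callers pass the already-normalised extension and save the file under exactly that string, for example `* Callers must pass the lower-cased extension and store the file under that same value.` The check covers the extension only; whether the file content is validated is not visible in this hunk.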