]> BookStack Code Mirror - bookstack/commitdiff
projects / bookstack / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side (parent: a5401eb)
Update ImageRepo.php
authorHaxatron <redacted>
Tue, 26 Oct 2021 01:39:16 +0000 (09:39 +0800)
committerGitHub <redacted>
Tue, 26 Oct 2021 01:39:16 +0000 (09:39 +0800)
fix image validation vulnerability

app/Uploads/ImageRepo.php patch | blob | history

diff --git a/app/Uploads/ImageRepo.php b/app/Uploads/ImageRepo.php
index c4205e35740d0fce777ac8fd0c358b241dedfd49..e76a0a97d8384d4057f88a6182115e13c30d2b73 100644 (file)
--- a/app/Uploads/ImageRepo.php
+++ b/app/Uploads/ImageRepo.php
@@ -38,7 +38,7 @@ class ImageRepo
      */
     public function imageExtensionSupported(string $extension): bool
     {
-        return in_array(trim($extension, '. \t\n\r\0\x0B'), static::$supportedExtensions);
+        return in_array(trim($extension, ". \t\n\r\0\x0B"), static::$supportedExtensions);
     }
 
     /**
The core source code for the BookStack project.