The MIT License (MIT)
-Copyright (c) 2020 Dan Brown and the BookStack Project contributors
+Copyright (c) 2015-present, Dan Brown and the BookStack Project contributors
https://github.com/BookStackApp/BookStack/graphs/contributors
Permission is hereby granted, free of charge, to any person obtaining a copy
/**
* Delete a comment from the system.
*/
- public function delete(Comment $comment)
+ public function delete(Comment $comment): void
{
$comment->delete();
}
/**
- * Convert the given comment markdown text to HTML.
+ * Convert the given comment Markdown to HTML.
*/
public function commentToHtml(string $commentText): string
{
if ($driverName === 'google' && config('services.google.select_account')) {
$driver->with(['prompt' => 'select_account']);
}
- if ($driverName === 'azure') {
- $driver->with(['resource' => 'https://graph.windows.net']);
- }
if (isset($this->configureForRedirectCallbacks[$driverName])) {
$this->configureForRedirectCallbacks[$driverName]($driver);
/**
* Class User.
*
- * @property string $id
+ * @property int $id
* @property string $name
* @property string $slug
* @property string $email
use BookStack\Facades\Theme;
use BookStack\Theming\ThemeEvents;
use BookStack\Uploads\ImageRepo;
+use BookStack\Uploads\ImageService;
use BookStack\Util\HtmlContentFilter;
use DOMDocument;
use DOMNodeList;
$imageInfo = $this->parseBase64ImageUri($uri);
// Validate extension and content
- if (empty($imageInfo['data']) || !$imageRepo->imageExtensionSupported($imageInfo['extension'])) {
+ if (empty($imageInfo['data']) || !ImageService::isExtensionSupported($imageInfo['extension'])) {
return '';
}
/**
* Parse a base64 image URI into the data and extension.
+ *
* @return array{extension: array, data: string}
*/
protected function parseBase64ImageUri(string $uri): array
{
[$dataDefinition, $base64ImageData] = explode(',', $uri, 2);
$extension = strtolower(preg_split('/[\/;]/', $dataDefinition)[1] ?? '');
+
return [
'extension' => $extension,
- 'data' => base64_decode($base64ImageData) ?: '',
+ 'data' => base64_decode($base64ImageData) ?: '',
];
}
'file' => 'required|file',
]);
+ /** @var Attachment $attachment */
$attachment = Attachment::query()->findOrFail($attachmentId);
$this->checkOwnablePermission('view', $attachment->page);
$this->checkOwnablePermission('page-update', $attachment->page);
/**
* Get the update form for an attachment.
- *
- * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function getUpdateForm(string $attachmentId)
{
+ /** @var Attachment $attachment */
$attachment = Attachment::query()->findOrFail($attachmentId);
$this->checkOwnablePermission('page-update', $attachment->page);
/**
* Get the attachments for a specific page.
+ *
+ * @throws NotFoundException
*/
public function listForPage(int $pageId)
{
use BookStack\Facades\Activity;
use BookStack\Interfaces\Loggable;
use BookStack\Model;
-use finfo;
+use BookStack\Util\WebSafeMimeSniffer;
use Illuminate\Foundation\Bus\DispatchesJobs;
use Illuminate\Foundation\Validation\ValidatesRequests;
use Illuminate\Http\Exceptions\HttpResponseException;
protected function downloadResponse(string $content, string $fileName): Response
{
return response()->make($content, 200, [
- 'Content-Type' => 'application/octet-stream',
- 'Content-Disposition' => 'attachment; filename="' . $fileName . '"',
+ 'Content-Type' => 'application/octet-stream',
+ 'Content-Disposition' => 'attachment; filename="' . $fileName . '"',
+ 'X-Content-Type-Options' => 'nosniff',
]);
}
*/
protected function inlineDownloadResponse(string $content, string $fileName): Response
{
- $finfo = new finfo(FILEINFO_MIME_TYPE);
- $mime = $finfo->buffer($content) ?: 'application/octet-stream';
+ $mime = (new WebSafeMimeSniffer())->sniff($content);
return response()->make($content, 200, [
- 'Content-Type' => $mime,
- 'Content-Disposition' => 'inline; filename="' . $fileName . '"',
+ 'Content-Type' => $mime,
+ 'Content-Disposition' => 'inline; filename="' . $fileName . '"',
+ 'X-Content-Type-Options' => 'nosniff',
]);
}
public function getAsBase64($id)
{
$image = $this->imageRepo->getById($id);
- $page = $image->getPage();
- if ($image === null || $image->type !== 'drawio' || !userCan('page-view', $page)) {
+ if (is_null($image) || $image->type !== 'drawio' || !userCan('page-view', $image->getPage())) {
return $this->jsonError('Image data could not be found');
}
$imageData = $this->imageRepo->getImageData($image);
- if ($imageData === null) {
+ if (is_null($imageData)) {
return $this->jsonError('Image data could not be found');
}
use BookStack\Http\Controllers\Controller;
use BookStack\Uploads\Image;
use BookStack\Uploads\ImageRepo;
+use BookStack\Uploads\ImageService;
use Exception;
-use Illuminate\Filesystem\Filesystem as File;
use Illuminate\Http\Request;
use Illuminate\Validation\ValidationException;
class ImageController extends Controller
{
- protected $image;
- protected $file;
protected $imageRepo;
+ protected $imageService;
/**
* ImageController constructor.
*/
- public function __construct(Image $image, File $file, ImageRepo $imageRepo)
+ public function __construct(ImageRepo $imageRepo, ImageService $imageService)
{
- $this->image = $image;
- $this->file = $file;
$this->imageRepo = $imageRepo;
+ $this->imageService = $imageService;
}
/**
*/
public function showImage(string $path)
{
- $path = storage_path('uploads/images/' . $path);
- if (!file_exists($path)) {
+ if (!$this->imageService->pathExistsInLocalSecure($path)) {
throw (new NotFoundException(trans('errors.image_not_found')))
->setSubtitle(trans('errors.image_not_found_subtitle'))
->setDetails(trans('errors.image_not_found_details'));
}
- return response()->file($path);
+ return $this->imageService->streamImageFromStorageResponse('gallery', $path);
}
/**
namespace BookStack\Providers;
+use BookStack\Uploads\ImageService;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\ServiceProvider;
public function boot(): void
{
Validator::extend('image_extension', function ($attribute, $value, $parameters, $validator) {
- $validImageExtensions = ['png', 'jpg', 'jpeg', 'gif', 'webp'];
+ $extension = strtolower($value->getClientOriginalExtension());
- return in_array(strtolower($value->getClientOriginalExtension()), $validImageExtensions);
+ return ImageService::isExtensionSupported($extension);
});
Validator::extend('safe_url', function ($attribute, $value, $parameters, $validator) {
/**
* Get the storage that will be used for storing files.
*/
- protected function getStorage(): FileSystemInstance
+ protected function getStorageDisk(): FileSystemInstance
{
return $this->fileSystem->disk($this->getStorageDiskName());
}
*/
public function getAttachmentFromStorage(Attachment $attachment): string
{
- return $this->getStorage()->get($this->adjustPathForStorageDisk($attachment->path));
+ return $this->getStorageDisk()->get($this->adjustPathForStorageDisk($attachment->path));
}
/**
*/
protected function deleteFileInStorage(Attachment $attachment)
{
- $storage = $this->getStorage();
+ $storage = $this->getStorageDisk();
$dirPath = $this->adjustPathForStorageDisk(dirname($attachment->path));
$storage->delete($this->adjustPathForStorageDisk($attachment->path));
{
$attachmentData = file_get_contents($uploadedFile->getRealPath());
- $storage = $this->getStorage();
+ $storage = $this->getStorageDisk();
$basePath = 'uploads/files/' . date('Y-m-M') . '/';
- $uploadFileName = Str::random(16) . '.' . $uploadedFile->getClientOriginalExtension();
+ $uploadFileName = Str::random(16) . '-' . $uploadedFile->getClientOriginalExtension();
while ($storage->exists($this->adjustPathForStorageDisk($basePath . $uploadFileName))) {
$uploadFileName = Str::random(3) . $uploadFileName;
}
class ImageRepo
{
- protected $image;
protected $imageService;
protected $restrictionService;
- protected $page;
-
- protected static $supportedExtensions = ['jpg', 'jpeg', 'png', 'gif', 'webp'];
/**
* ImageRepo constructor.
*/
- public function __construct(
- Image $image,
- ImageService $imageService,
- PermissionService $permissionService,
- Page $page
- ) {
- $this->image = $image;
+ public function __construct(ImageService $imageService, PermissionService $permissionService)
+ {
$this->imageService = $imageService;
$this->restrictionService = $permissionService;
- $this->page = $page;
- }
-
- /**
- * Check if the given image extension is supported by BookStack.
- * The extension must not be altered in this function. This check should provide a guarantee
- * that the provided extension is safe to use for the image to be saved.
- */
- public function imageExtensionSupported(string $extension): bool
- {
- return in_array($extension, static::$supportedExtensions);
}
/**
*/
public function getById($id): Image
{
- return $this->image->findOrFail($id);
+ return Image::query()->findOrFail($id);
}
/**
$hasMore = count($images) > $pageSize;
$returnImages = $images->take($pageSize);
- $returnImages->each(function ($image) {
+ $returnImages->each(function (Image $image) {
$this->loadThumbs($image);
});
string $search = null,
callable $whereClause = null
): array {
- $imageQuery = $this->image->newQuery()->where('type', '=', strtolower($type));
+ $imageQuery = Image::query()->where('type', '=', strtolower($type));
if ($uploadedTo !== null) {
$imageQuery = $imageQuery->where('uploaded_to', '=', $uploadedTo);
int $uploadedTo = null,
string $search = null
): array {
- $contextPage = $this->page->findOrFail($uploadedTo);
+ /** @var Page $contextPage */
+ $contextPage = Page::visible()->findOrFail($uploadedTo);
$parentFilter = null;
if ($filterType === 'book' || $filterType === 'page') {
*
* @throws ImageUploadException
*/
- public function saveNewFromData(string $imageName, string $imageData, string $type, int $uploadedTo = 0)
+ public function saveNewFromData(string $imageName, string $imageData, string $type, int $uploadedTo = 0): Image
{
$image = $this->imageService->saveNew($imageName, $imageData, $type, $uploadedTo);
$this->loadThumbs($image);
}
/**
- * Save a drawing the the database.
+ * Save a drawing in the database.
*
* @throws ImageUploadException
*/
public function saveDrawing(string $base64Uri, int $uploadedTo): Image
{
- $name = 'Drawing-' . strval(user()->id) . '-' . strval(time()) . '.png';
+ $name = 'Drawing-' . user()->id . '-' . time() . '.png';
return $this->imageService->saveNewFromBase64Uri($base64Uri, $name, 'drawio', $uploadedTo);
}
/**
* Update the details of an image via an array of properties.
*
- * @throws ImageUploadException
* @throws Exception
*/
public function updateImageDetails(Image $image, $updateDetails): Image
*
* @throws Exception
*/
- public function destroyImage(Image $image = null): bool
+ public function destroyImage(Image $image = null): void
{
if ($image) {
$this->imageService->destroy($image);
}
-
- return true;
}
/**
*
* @throws Exception
*/
- public function destroyByType(string $imageType)
+ public function destroyByType(string $imageType): void
{
- $images = $this->image->where('type', '=', $imageType)->get();
+ $images = Image::query()->where('type', '=', $imageType)->get();
foreach ($images as $image) {
$this->destroyImage($image);
}
/**
* Load thumbnails onto an image object.
- *
- * @throws Exception
*/
- public function loadThumbs(Image $image)
+ public function loadThumbs(Image $image): void
{
- $image->thumbs = [
+ $image->setAttribute('thumbs', [
'gallery' => $this->getThumbnail($image, 150, 150, false),
'display' => $this->getThumbnail($image, 1680, null, true),
- ];
+ ]);
}
/**
* Get the thumbnail for an image.
* If $keepRatio is true only the width will be used.
* Checks the cache then storage to avoid creating / accessing the filesystem on every check.
- *
- * @throws Exception
*/
- protected function getThumbnail(Image $image, ?int $width = 220, ?int $height = 220, bool $keepRatio = false): ?string
+ protected function getThumbnail(Image $image, ?int $width, ?int $height, bool $keepRatio): ?string
{
try {
return $this->imageService->getThumbnail($image, $width, $height, $keepRatio);
use Illuminate\Contracts\Filesystem\Filesystem as FileSystemInstance;
use Illuminate\Contracts\Filesystem\Filesystem as Storage;
use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Log;
use Illuminate\Support\Str;
use Intervention\Image\Exception\NotSupportedException;
use Intervention\Image\ImageManager;
use League\Flysystem\Util;
+use Psr\SimpleCache\InvalidArgumentException;
use Symfony\Component\HttpFoundation\File\UploadedFile;
+use Symfony\Component\HttpFoundation\StreamedResponse;
class ImageService
{
protected $image;
protected $fileSystem;
+ protected static $supportedExtensions = ['jpg', 'jpeg', 'png', 'gif', 'webp'];
+
/**
* ImageService constructor.
*/
/**
* Get the storage that will be used for storing images.
*/
- protected function getStorage(string $imageType = ''): FileSystemInstance
+ protected function getStorageDisk(string $imageType = ''): FileSystemInstance
{
return $this->fileSystem->disk($this->getStorageDiskName($imageType));
}
+ /**
+ * Check if local secure image storage (Fetched behind authentication)
+ * is currently active in the instance.
+ */
+ protected function usingSecureImages(): bool
+ {
+ return $this->getStorageDiskName('gallery') === 'local_secure_images';
+ }
+
/**
* Change the originally provided path to fit any disk-specific requirements.
* This also ensures the path is kept to the expected root folders.
*/
public function saveNew(string $imageName, string $imageData, string $type, int $uploadedTo = 0): Image
{
- $storage = $this->getStorage($type);
+ $storage = $this->getStorageDisk($type);
$secureUploads = setting('app-secure-images');
$fileName = $this->cleanImageFileName($imageName);
try {
$this->saveImageDataInPublicSpace($storage, $this->adjustPathForStorageDisk($fullPath, $type), $imageData);
} catch (Exception $e) {
- \Log::error('Error when attempting image upload:' . $e->getMessage());
+ Log::error('Error when attempting image upload:' . $e->getMessage());
throw new ImageUploadException(trans('errors.path_not_writable', ['filePath' => $fullPath]));
}
* If $keepRatio is true only the width will be used.
* Checks the cache then storage to avoid creating / accessing the filesystem on every check.
*
- * @param Image $image
- * @param int $width
- * @param int $height
- * @param bool $keepRatio
- *
* @throws Exception
- * @throws ImageUploadException
- *
- * @return string
+ * @throws InvalidArgumentException
*/
- public function getThumbnail(Image $image, $width = 220, $height = 220, $keepRatio = false)
+ public function getThumbnail(Image $image, ?int $width, ?int $height, bool $keepRatio = false): string
{
if ($keepRatio && $this->isGif($image)) {
return $this->getPublicUrl($image->path);
return $this->getPublicUrl($thumbFilePath);
}
- $storage = $this->getStorage($image->type);
+ $storage = $this->getStorageDisk($image->type);
if ($storage->exists($this->adjustPathForStorageDisk($thumbFilePath, $image->type))) {
return $this->getPublicUrl($thumbFilePath);
}
}
/**
- * Resize image data.
- *
- * @param string $imageData
- * @param int $width
- * @param int $height
- * @param bool $keepRatio
+ * Resize the image of given data to the specified size, and return the new image data.
*
* @throws ImageUploadException
- *
- * @return string
*/
- protected function resizeImage(string $imageData, $width = 220, $height = null, bool $keepRatio = true)
+ protected function resizeImage(string $imageData, ?int $width, ?int $height, bool $keepRatio): string
{
try {
$thumb = $this->imageTool->make($imageData);
- } catch (Exception $e) {
- if ($e instanceof ErrorException || $e instanceof NotSupportedException) {
- throw new ImageUploadException(trans('errors.cannot_create_thumbs'));
- }
-
- throw $e;
+ } catch (ErrorException|NotSupportedException $e) {
+ throw new ImageUploadException(trans('errors.cannot_create_thumbs'));
}
if ($keepRatio) {
*/
public function getImageData(Image $image): string
{
- $storage = $this->getStorage();
+ $storage = $this->getStorageDisk();
return $storage->get($this->adjustPathForStorageDisk($image->path, $image->type));
}
protected function destroyImagesFromPath(string $path, string $imageType): bool
{
$path = $this->adjustPathForStorageDisk($path, $imageType);
- $storage = $this->getStorage($imageType);
+ $storage = $this->getStorageDisk($imageType);
$imageFolder = dirname($path);
$imageFileName = basename($path);
}
$storagePath = $this->adjustPathForStorageDisk($storagePath);
- $storage = $this->getStorage();
+ $storage = $this->getStorageDisk();
$imageData = null;
if ($storage->exists($storagePath)) {
$imageData = $storage->get($storagePath);
return 'data:image/' . $extension . ';base64,' . base64_encode($imageData);
}
+ /**
+ * Check if the given path exists in the local secure image system.
+ * Returns false if local_secure is not in use.
+ */
+ public function pathExistsInLocalSecure(string $imagePath): bool
+ {
+ $disk = $this->getStorageDisk('gallery');
+
+ // Check local_secure is active
+ return $this->usingSecureImages()
+ // Check the image file exists
+ && $disk->exists($imagePath)
+ // Check the file is likely an image file
+ && strpos($disk->getMimetype($imagePath), 'image/') === 0;
+ }
+
+ /**
+ * For the given path, if existing, provide a response that will stream the image contents.
+ */
+ public function streamImageFromStorageResponse(string $imageType, string $path): StreamedResponse
+ {
+ $disk = $this->getStorageDisk($imageType);
+
+ return $disk->response($path);
+ }
+
+ /**
+ * Check if the given image extension is supported by BookStack.
+ * The extension must not be altered in this function. This check should provide a guarantee
+ * that the provided extension is safe to use for the image to be saved.
+ */
+ public static function isExtensionSupported(string $extension): bool
+ {
+ return in_array($extension, static::$supportedExtensions);
+ }
+
/**
* Get a storage path for the given image URL.
* Ensures the path will start with "uploads/images".
*/
private function getPublicUrl(string $filePath): string
{
- if ($this->storageUrl === null) {
+ if (is_null($this->storageUrl)) {
$storageUrl = config('filesystems.url');
// Get the standard public s3 url if s3 is set as storage type
$storageUrl = 'https://s3-' . $storageDetails['region'] . '.amazonaws.com/' . $storageDetails['bucket'];
}
}
+
$this->storageUrl = $storageUrl;
}
--- /dev/null
+<?php
+
+namespace BookStack\Util;
+
+use finfo;
+
+/**
+ * Helper class to sniff out the mime-type of content resulting in
+ * a mime-type that's relatively safe to serve to a browser.
+ */
+class WebSafeMimeSniffer
+{
+ /**
+ * @var string[]
+ */
+ protected $safeMimes = [
+ 'application/json',
+ 'application/octet-stream',
+ 'application/pdf',
+ 'image/bmp',
+ 'image/jpeg',
+ 'image/png',
+ 'image/gif',
+ 'image/webp',
+ 'image/avif',
+ 'image/heic',
+ 'text/css',
+ 'text/csv',
+ 'text/javascript',
+ 'text/json',
+ 'text/plain',
+ 'video/x-msvideo',
+ 'video/mp4',
+ 'video/mpeg',
+ 'video/ogg',
+ 'video/webm',
+ 'video/vp9',
+ 'video/h264',
+ 'video/av1',
+ ];
+
+ /**
+ * Sniff the mime-type from the given file content while running the result
+ * through an allow-list to ensure a web-safe result.
+ * Takes the content as a reference since the value may be quite large.
+ */
+ public function sniff(string &$content): string
+ {
+ $fInfo = new finfo(FILEINFO_MIME_TYPE);
+ $mime = $fInfo->buffer($content) ?: 'application/octet-stream';
+
+ if (in_array($mime, $this->safeMimes)) {
+ return $mime;
+ }
+
+ [$category] = explode('/', $mime, 2);
+ if ($category === 'text') {
+ return 'text/plain';
+ }
+
+ return 'application/octet-stream';
+ }
+}
"predis/predis": "^1.1.6",
"socialiteproviders/discord": "^4.1",
"socialiteproviders/gitlab": "^4.1",
- "socialiteproviders/microsoft-azure": "^4.1",
+ "socialiteproviders/microsoft-azure": "^5.0.1",
"socialiteproviders/okta": "^4.1",
"socialiteproviders/slack": "^4.1",
"socialiteproviders/twitch": "^5.3",
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
- "content-hash": "fc6d8f731e3975127a9101802cc4bb3a",
+ "content-hash": "4780c46ffc4d1a09af810f62ca59e4a7",
"packages": [
{
"name": "aws/aws-crt-php",
},
{
"name": "aws/aws-sdk-php",
- "version": "3.199.3",
+ "version": "3.199.7",
"source": {
"type": "git",
"url": "https://github.com/aws/aws-sdk-php.git",
- "reference": "132a1148ebb63d04023837bcf9a36f49b308a0bd"
+ "reference": "fda176884d2952cffc7e67209470bff49609339c"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/132a1148ebb63d04023837bcf9a36f49b308a0bd",
- "reference": "132a1148ebb63d04023837bcf9a36f49b308a0bd",
+ "url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/fda176884d2952cffc7e67209470bff49609339c",
+ "reference": "fda176884d2952cffc7e67209470bff49609339c",
"shasum": ""
},
"require": {
"support": {
"forum": "https://forums.aws.amazon.com/forum.jspa?forumID=80",
"issues": "https://github.com/aws/aws-sdk-php/issues",
- "source": "https://github.com/aws/aws-sdk-php/tree/3.199.3"
+ "source": "https://github.com/aws/aws-sdk-php/tree/3.199.7"
},
- "time": "2021-10-25T18:17:28+00:00"
+ "time": "2021-10-29T18:25:02+00:00"
},
{
"name": "bacon/bacon-qr-code",
},
{
"name": "phpseclib/phpseclib",
- "version": "3.0.10",
+ "version": "3.0.11",
"source": {
"type": "git",
"url": "https://github.com/phpseclib/phpseclib.git",
- "reference": "62fcc5a94ac83b1506f52d7558d828617fac9187"
+ "reference": "6e794226a35159eb06f355efe59a0075a16551dd"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/62fcc5a94ac83b1506f52d7558d828617fac9187",
- "reference": "62fcc5a94ac83b1506f52d7558d828617fac9187",
+ "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/6e794226a35159eb06f355efe59a0075a16551dd",
+ "reference": "6e794226a35159eb06f355efe59a0075a16551dd",
"shasum": ""
},
"require": {
],
"support": {
"issues": "https://github.com/phpseclib/phpseclib/issues",
- "source": "https://github.com/phpseclib/phpseclib/tree/3.0.10"
+ "source": "https://github.com/phpseclib/phpseclib/tree/3.0.11"
},
"funding": [
{
"type": "tidelift"
}
],
- "time": "2021-08-16T04:24:45+00:00"
+ "time": "2021-10-27T03:01:46+00:00"
},
{
"name": "pragmarx/google2fa",
},
{
"name": "socialiteproviders/microsoft-azure",
- "version": "4.2.1",
+ "version": "5.0.1",
"source": {
"type": "git",
"url": "https://github.com/SocialiteProviders/Microsoft-Azure.git",
- "reference": "64779ec21db0bee3111039a67c0fa0ab550a3462"
+ "reference": "9b23e02ff711de42e513aa55f768a4f1c67c0e41"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/SocialiteProviders/Microsoft-Azure/zipball/64779ec21db0bee3111039a67c0fa0ab550a3462",
- "reference": "64779ec21db0bee3111039a67c0fa0ab550a3462",
+ "url": "https://api.github.com/repos/SocialiteProviders/Microsoft-Azure/zipball/9b23e02ff711de42e513aa55f768a4f1c67c0e41",
+ "reference": "9b23e02ff711de42e513aa55f768a4f1c67c0e41",
"shasum": ""
},
"require": {
}
],
"description": "Microsoft Azure OAuth2 Provider for Laravel Socialite",
+ "keywords": [
+ "azure",
+ "laravel",
+ "microsoft",
+ "oauth",
+ "provider",
+ "socialite"
+ ],
"support": {
- "source": "https://github.com/SocialiteProviders/Microsoft-Azure/tree/4.2.1"
+ "docs": "https://socialiteproviders.com/microsoft-azure",
+ "issues": "https://github.com/socialiteproviders/providers/issues",
+ "source": "https://github.com/socialiteproviders/providers"
},
- "time": "2021-06-14T22:51:38+00:00"
+ "time": "2021-10-07T22:21:59+00:00"
},
{
"name": "socialiteproviders/okta",
},
{
"name": "symfony/console",
- "version": "v4.4.30",
+ "version": "v4.4.33",
"source": {
"type": "git",
"url": "https://github.com/symfony/console.git",
- "reference": "a3f7189a0665ee33b50e9e228c46f50f5acbed22"
+ "reference": "8dbd23ef7a8884051482183ddee8d9061b5feed0"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/symfony/console/zipball/a3f7189a0665ee33b50e9e228c46f50f5acbed22",
- "reference": "a3f7189a0665ee33b50e9e228c46f50f5acbed22",
+ "url": "https://api.github.com/repos/symfony/console/zipball/8dbd23ef7a8884051482183ddee8d9061b5feed0",
+ "reference": "8dbd23ef7a8884051482183ddee8d9061b5feed0",
"shasum": ""
},
"require": {
"description": "Eases the creation of beautiful and testable command line interfaces",
"homepage": "https://symfony.com",
"support": {
- "source": "https://github.com/symfony/console/tree/v4.4.30"
+ "source": "https://github.com/symfony/console/tree/v4.4.33"
},
"funding": [
{
"type": "tidelift"
}
],
- "time": "2021-08-25T19:27:26+00:00"
+ "time": "2021-10-25T16:36:08+00:00"
},
{
"name": "symfony/css-selector",
},
{
"name": "symfony/http-foundation",
- "version": "v4.4.30",
+ "version": "v4.4.33",
"source": {
"type": "git",
"url": "https://github.com/symfony/http-foundation.git",
- "reference": "09b3202651ab23ac8dcf455284a48a3500e56731"
+ "reference": "b9a91102f548e0111f4996e8c622fb1d1d479850"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/symfony/http-foundation/zipball/09b3202651ab23ac8dcf455284a48a3500e56731",
- "reference": "09b3202651ab23ac8dcf455284a48a3500e56731",
+ "url": "https://api.github.com/repos/symfony/http-foundation/zipball/b9a91102f548e0111f4996e8c622fb1d1d479850",
+ "reference": "b9a91102f548e0111f4996e8c622fb1d1d479850",
"shasum": ""
},
"require": {
"description": "Defines an object-oriented layer for the HTTP specification",
"homepage": "https://symfony.com",
"support": {
- "source": "https://github.com/symfony/http-foundation/tree/v4.4.30"
+ "source": "https://github.com/symfony/http-foundation/tree/v4.4.33"
},
"funding": [
{
"type": "tidelift"
}
],
- "time": "2021-08-26T15:51:23+00:00"
+ "time": "2021-10-07T15:31:35+00:00"
},
{
"name": "symfony/http-kernel",
- "version": "v4.4.32",
+ "version": "v4.4.33",
"source": {
"type": "git",
"url": "https://github.com/symfony/http-kernel.git",
- "reference": "f7bda3ea8f05ae90627400e58af5179b25ce0f38"
+ "reference": "6f1fcca1154f782796549f4f4e5090bae9525c0e"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/symfony/http-kernel/zipball/f7bda3ea8f05ae90627400e58af5179b25ce0f38",
- "reference": "f7bda3ea8f05ae90627400e58af5179b25ce0f38",
+ "url": "https://api.github.com/repos/symfony/http-kernel/zipball/6f1fcca1154f782796549f4f4e5090bae9525c0e",
+ "reference": "6f1fcca1154f782796549f4f4e5090bae9525c0e",
"shasum": ""
},
"require": {
"description": "Provides a structured process for converting a Request into a Response",
"homepage": "https://symfony.com",
"support": {
- "source": "https://github.com/symfony/http-kernel/tree/v4.4.32"
+ "source": "https://github.com/symfony/http-kernel/tree/v4.4.33"
},
"funding": [
{
"type": "tidelift"
}
],
- "time": "2021-09-28T10:20:04+00:00"
+ "time": "2021-10-29T08:14:01+00:00"
},
{
"name": "symfony/mime",
},
{
"name": "symfony/var-dumper",
- "version": "v4.4.31",
+ "version": "v4.4.33",
"source": {
"type": "git",
"url": "https://github.com/symfony/var-dumper.git",
- "reference": "1f12cc0c2e880a5f39575c19af81438464717839"
+ "reference": "50286e2b7189bfb4f419c0731e86632cddf7c5ee"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/symfony/var-dumper/zipball/1f12cc0c2e880a5f39575c19af81438464717839",
- "reference": "1f12cc0c2e880a5f39575c19af81438464717839",
+ "url": "https://api.github.com/repos/symfony/var-dumper/zipball/50286e2b7189bfb4f419c0731e86632cddf7c5ee",
+ "reference": "50286e2b7189bfb4f419c0731e86632cddf7c5ee",
"shasum": ""
},
"require": {
"dump"
],
"support": {
- "source": "https://github.com/symfony/var-dumper/tree/v4.4.31"
+ "source": "https://github.com/symfony/var-dumper/tree/v4.4.33"
},
"funding": [
{
"type": "tidelift"
}
],
- "time": "2021-09-24T15:30:11+00:00"
+ "time": "2021-10-25T20:24:58+00:00"
},
{
"name": "tijsverkoyen/css-to-inline-styles",
},
{
"name": "composer/ca-bundle",
- "version": "1.2.11",
+ "version": "1.3.1",
"source": {
"type": "git",
"url": "https://github.com/composer/ca-bundle.git",
- "reference": "0b072d51c5a9c6f3412f7ea3ab043d6603cb2582"
+ "reference": "4c679186f2aca4ab6a0f1b0b9cf9252decb44d0b"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/composer/ca-bundle/zipball/0b072d51c5a9c6f3412f7ea3ab043d6603cb2582",
- "reference": "0b072d51c5a9c6f3412f7ea3ab043d6603cb2582",
+ "url": "https://api.github.com/repos/composer/ca-bundle/zipball/4c679186f2aca4ab6a0f1b0b9cf9252decb44d0b",
+ "reference": "4c679186f2aca4ab6a0f1b0b9cf9252decb44d0b",
"shasum": ""
},
"require": {
"support": {
"irc": "irc://irc.freenode.org/composer",
"issues": "https://github.com/composer/ca-bundle/issues",
- "source": "https://github.com/composer/ca-bundle/tree/1.2.11"
+ "source": "https://github.com/composer/ca-bundle/tree/1.3.1"
},
"funding": [
{
"type": "tidelift"
}
],
- "time": "2021-09-25T20:32:43+00:00"
+ "time": "2021-10-28T20:44:15+00:00"
},
{
"name": "composer/composer",
- "version": "2.1.9",
+ "version": "2.1.10",
"source": {
"type": "git",
"url": "https://github.com/composer/composer.git",
- "reference": "e558c88f28d102d497adec4852802c0dc14c7077"
+ "reference": "ea5f64d1a15c66942979b804c9fb3686be852ca0"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/composer/composer/zipball/e558c88f28d102d497adec4852802c0dc14c7077",
- "reference": "e558c88f28d102d497adec4852802c0dc14c7077",
+ "url": "https://api.github.com/repos/composer/composer/zipball/ea5f64d1a15c66942979b804c9fb3686be852ca0",
+ "reference": "ea5f64d1a15c66942979b804c9fb3686be852ca0",
"shasum": ""
},
"require": {
"composer/xdebug-handler": "^2.0",
"justinrainbow/json-schema": "^5.2.11",
"php": "^5.3.2 || ^7.0 || ^8.0",
- "psr/log": "^1.0",
+ "psr/log": "^1.0 || ^2.0",
"react/promise": "^1.2 || ^2.7",
"seld/jsonlint": "^1.4",
"seld/phar-utils": "^1.0",
"type": "library",
"extra": {
"branch-alias": {
- "dev-master": "2.1-dev"
+ "dev-main": "2.1-dev"
}
},
"autoload": {
"support": {
"irc": "ircs://irc.libera.chat:6697/composer",
"issues": "https://github.com/composer/composer/issues",
- "source": "https://github.com/composer/composer/tree/2.1.9"
+ "source": "https://github.com/composer/composer/tree/2.1.10"
},
"funding": [
{
"type": "tidelift"
}
],
- "time": "2021-10-05T07:47:38+00:00"
+ "time": "2021-10-29T20:34:57+00:00"
},
{
"name": "composer/metadata-minifier",
},
{
"name": "phpunit/php-code-coverage",
- "version": "9.2.7",
+ "version": "9.2.8",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/php-code-coverage.git",
- "reference": "d4c798ed8d51506800b441f7a13ecb0f76f12218"
+ "reference": "cf04e88a2e3c56fc1a65488afd493325b4c1bc3e"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/d4c798ed8d51506800b441f7a13ecb0f76f12218",
- "reference": "d4c798ed8d51506800b441f7a13ecb0f76f12218",
+ "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/cf04e88a2e3c56fc1a65488afd493325b4c1bc3e",
+ "reference": "cf04e88a2e3c56fc1a65488afd493325b4c1bc3e",
"shasum": ""
},
"require": {
"ext-dom": "*",
"ext-libxml": "*",
"ext-xmlwriter": "*",
- "nikic/php-parser": "^4.12.0",
+ "nikic/php-parser": "^4.13.0",
"php": ">=7.3",
"phpunit/php-file-iterator": "^3.0.3",
"phpunit/php-text-template": "^2.0.2",
],
"support": {
"issues": "https://github.com/sebastianbergmann/php-code-coverage/issues",
- "source": "https://github.com/sebastianbergmann/php-code-coverage/tree/9.2.7"
+ "source": "https://github.com/sebastianbergmann/php-code-coverage/tree/9.2.8"
},
"funding": [
{
"type": "github"
}
],
- "time": "2021-09-17T05:39:03+00:00"
+ "time": "2021-10-30T08:01:38+00:00"
},
{
"name": "phpunit/php-file-iterator",
In regard to development philosophy, BookStack has a relaxed, open & positive approach. At the end of the day this is free software developed and maintained by people donating their own free time.
+## 🌟 Project Sponsors
+
+Shown below are our bronze, silver and gold project sponsors.
+Big thanks to these companies for supporting the project.
+Note: Listed services are not tested, vetted nor supported by the official BookStack project in any manner.
+[View all sponsors](https://github.com/sponsors/ssddanbrown).
+
+#### Bronze Sponsors
+
+<table><tbody><tr>
+<td><a href="https://www.diagrams.net/" target="_blank">
+ <img width="280" src="https://media.githubusercontent.com/media/BookStackApp/website/master/static/images/sponsors/diagramsnet.png" alt="Diagrams.net logo">
+</a></td>
+
+<td><a href="https://www.stellarhosted.com/bookstack/" target="_blank">
+ <img width="280" src="https://media.githubusercontent.com/media/BookStackApp/website/master/static/images/sponsors/stellarhosted.png" alt="Stellar Hosted Logo">
+</a></td>
+</tr></tbody></table>
+
## 🛣️ Road Map
Below is a high-level road map view for BookStack to provide a sense of direction of where the project is going. This can change at any point and does not reflect many features and improvements that will also be included as part of the journey along this road map. For more granular detail of what will be included in upcoming releases you can review the project milestones as defined in the "Release Process" section below.
'de_informal' => 'Deutsch (Du)',
'es' => 'Español',
'es_AR' => 'Español Argentina',
- 'et' => 'Eesti keel',
+ 'et' => 'Igauņu',
'fr' => 'Français',
'he' => 'עברית',
'hr' => 'Hrvatski',
'favourite_remove_notification' => '":name" is verwijderd uit je favorieten',
// MFA
- 'mfa_setup_method_notification' => 'Multi-factor method successfully configured',
- 'mfa_remove_method_notification' => 'Multi-factor method successfully removed',
+ 'mfa_setup_method_notification' => 'Multi-factor methode succesvol geconfigureerd',
+ 'mfa_remove_method_notification' => 'Multi-factor methode succesvol verwijderd',
// Other
'commented_on' => 'reageerde op',
'user_invite_success' => 'Wachtwoord ingesteld, je hebt nu toegang tot :appName!',
// Multi-factor Authentication
- 'mfa_setup' => 'Setup Multi-Factor Authentication',
- 'mfa_setup_desc' => 'Setup multi-factor authentication as an extra layer of security for your user account.',
- 'mfa_setup_configured' => 'Already configured',
- 'mfa_setup_reconfigure' => 'Reconfigure',
- 'mfa_setup_remove_confirmation' => 'Are you sure you want to remove this multi-factor authentication method?',
- 'mfa_setup_action' => 'Setup',
- 'mfa_backup_codes_usage_limit_warning' => 'You have less than 5 backup codes remaining, Please generate and store a new set before you run out of codes to prevent being locked out of your account.',
- 'mfa_option_totp_title' => 'Mobile App',
- 'mfa_option_totp_desc' => 'To use multi-factor authentication you\'ll need a mobile application that supports TOTP such as Google Authenticator, Authy or Microsoft Authenticator.',
- 'mfa_option_backup_codes_title' => 'Backup Codes',
- 'mfa_option_backup_codes_desc' => 'Securely store a set of one-time-use backup codes which you can enter to verify your identity.',
- 'mfa_gen_confirm_and_enable' => 'Confirm and Enable',
- 'mfa_gen_backup_codes_title' => 'Backup Codes Setup',
- 'mfa_gen_backup_codes_desc' => 'Store the below list of codes in a safe place. When accessing the system you\'ll be able to use one of the codes as a second authentication mechanism.',
+ 'mfa_setup' => 'Multi-factor authenticatie instellen',
+ 'mfa_setup_desc' => 'Stel multi-factor authenticatie in als een extra beveiligingslaag voor uw gebruikersaccount.',
+ 'mfa_setup_configured' => 'Reeds geconfigureerd',
+ 'mfa_setup_reconfigure' => 'Herconfigureren1',
+ 'mfa_setup_remove_confirmation' => 'Weet je zeker dat je deze multi-factor authenticatie methode wilt verwijderen?',
+ 'mfa_setup_action' => 'Instellen',
+ 'mfa_backup_codes_usage_limit_warning' => 'U heeft minder dan 5 back-upcodes resterend. Genereer en sla een nieuwe set op voordat je geen codes meer hebt om te voorkomen dat je buiten je account wordt gesloten.',
+ 'mfa_option_totp_title' => 'Mobiele app',
+ 'mfa_option_totp_desc' => 'Om multi-factor authenticatie te gebruiken heeft u een mobiele applicatie nodig die TOTP ondersteunt, zoals Google Authenticator, Authy of Microsoft Authenticator.',
+ 'mfa_option_backup_codes_title' => 'Back-up Codes',
+ 'mfa_option_backup_codes_desc' => 'Bewaar veilig een set eenmalige back-upcodes die u kunt invoeren om uw identiteit te verifiëren.',
+ 'mfa_gen_confirm_and_enable' => 'Bevestigen en inschakelen',
+ 'mfa_gen_backup_codes_title' => 'Reservekopiecodes instellen',
+ 'mfa_gen_backup_codes_desc' => 'De onderstaande lijst met codes opslaan op een veilige plaats. Bij de toegang tot het systeem kun je een van de codes gebruiken als tweede verificatiemechanisme.',
'mfa_gen_backup_codes_download' => 'Download Codes',
- 'mfa_gen_backup_codes_usage_warning' => 'Each code can only be used once',
- 'mfa_gen_totp_title' => 'Mobile App Setup',
- 'mfa_gen_totp_desc' => 'To use multi-factor authentication you\'ll need a mobile application that supports TOTP such as Google Authenticator, Authy or Microsoft Authenticator.',
- 'mfa_gen_totp_scan' => 'Scan the QR code below using your preferred authentication app to get started.',
- 'mfa_gen_totp_verify_setup' => 'Verify Setup',
- 'mfa_gen_totp_verify_setup_desc' => 'Verify that all is working by entering a code, generated within your authentication app, in the input box below:',
+ 'mfa_gen_backup_codes_usage_warning' => 'Elke code kan slechts eenmaal gebruikt worden',
+ 'mfa_gen_totp_title' => 'Mobiele app installatie',
+ 'mfa_gen_totp_desc' => 'Om multi-factor authenticatie te gebruiken heeft u een mobiele applicatie nodig die TOTP ondersteunt, zoals Google Authenticator, Authy of Microsoft Authenticator.',
+ 'mfa_gen_totp_scan' => 'Scan de onderstaande QR-code door gebruik te maken van uw favoriete authenticatie app om aan de slag te gaan.',
+ 'mfa_gen_totp_verify_setup' => 'Installatie verifiëren',
+ 'mfa_gen_totp_verify_setup_desc' => 'Controleer of alles werkt door het invoeren van een code, die wordt gegenereerd binnen uw authenticatie-app, in het onderstaande invoerveld:',
'mfa_gen_totp_provide_code_here' => 'Provide your app generated code here',
'mfa_verify_access' => 'Verify Access',
'mfa_verify_access_desc' => 'Your user account requires you to confirm your identity via an additional level of verification before you\'re granted access. Verify using one of your configured methods to continue.',
'reset' => 'Resetten',
'remove' => 'Verwijderen',
'add' => 'Toevoegen',
- 'configure' => 'Configure',
+ 'configure' => 'Configureer',
'fullscreen' => 'Volledig scherm',
'favourite' => 'Favoriet',
'unfavourite' => 'Verwijderen uit favoriet',
'shelves_permissions' => 'Boekenplank permissies',
'shelves_permissions_updated' => 'Boekenplank permissies opgeslagen',
'shelves_permissions_active' => 'Boekenplank permissies actief',
- 'shelves_permissions_cascade_warning' => 'Permissions on bookshelves do not automatically cascade to contained books. This is because a book can exist on multiple shelves. Permissions can however be copied down to child books using the option found below.',
+ 'shelves_permissions_cascade_warning' => 'Machtigingen op boekenplanken zijn niet automatisch een cascade om boeken te bevatten. Dit komt omdat een boek in meerdere schappen kan bestaan. Machtigingen kunnen echter worden gekopieerd naar subboeken door gebruik te maken van onderstaande optie.',
'shelves_copy_permissions_to_books' => 'Kopieer permissies naar boeken',
'shelves_copy_permissions' => 'Kopieer permissies',
'shelves_copy_permissions_explain' => 'Met deze actie worden de permissies van deze boekenplank gekopieërd naar alle boeken op de plank. Voordat deze actie wordt uitgevoerd, zorg dat de wijzigingen in de permissies van deze boekenplank zijn opgeslagen.',
'pages_initial_name' => 'Nieuwe pagina',
'pages_editing_draft_notification' => 'U bewerkt momenteel een concept dat voor het laatst is opgeslagen op :timeDiff.',
'pages_draft_edited_notification' => 'Deze pagina is sindsdien bijgewerkt. Het wordt aanbevolen dat u dit concept verwijderd.',
- 'pages_draft_page_changed_since_creation' => 'This page has been updated since this draft was created. It is recommended that you discard this draft or take care not to overwrite any page changes.',
+ 'pages_draft_page_changed_since_creation' => 'Deze pagina is bijgewerkt sinds het aanmaken van dit concept. Het wordt aanbevolen dat u dit ontwerp verwijdert of ervoor zorgt dat u wijzigingen op de pagina niet overschrijft.',
'pages_draft_edit_active' => [
'start_a' => ':count gebruikers zijn begonnen deze pagina te bewerken',
'start_b' => ':userName is begonnen met het bewerken van deze pagina',
'saml_invalid_response_id' => 'Żądanie z zewnętrznego systemu uwierzytelniania nie zostało rozpoznane przez proces rozpoczęty przez tę aplikację. Cofnięcie po zalogowaniu mogło spowodować ten problem.',
'saml_fail_authed' => 'Logowanie przy użyciu :system nie powiodło się, system nie mógł pomyślnie ukończyć uwierzytelniania',
'oidc_already_logged_in' => 'Już zalogowany',
- 'oidc_user_not_registered' => 'The user :name is not registered and automatic registration is disabled',
- 'oidc_no_email_address' => 'Could not find an email address, for this user, in the data provided by the external authentication system',
- 'oidc_fail_authed' => 'Login using :system failed, system did not provide successful authorization',
+ 'oidc_user_not_registered' => 'Użytkownik :name nie jest zarejestrowany, a automatyczna rejestracja jest wyłączona',
+ 'oidc_no_email_address' => 'Nie można odnaleźć adresu email dla tego użytkownika w danych dostarczonych przez zewnętrzny system uwierzytelniania',
+ 'oidc_fail_authed' => 'Logowanie przy użyciu :system nie powiodło się, system nie mógł pomyślnie ukończyć uwierzytelniania',
'social_no_action_defined' => 'Brak zdefiniowanej akcji',
'social_login_bad_response' => "Podczas próby logowania :socialAccount wystąpił błąd: \n:error",
'social_account_in_use' => 'To konto :socialAccount jest już w użyciu. Spróbuj zalogować się za pomocą opcji :socialAccount.',
}
/**
- * @return Array<User, string, TestResponse>
+ * @return array<User, string, TestResponse>
*/
protected function startTotpLogin(): array
{
}
/**
- * @return Array<User, string, TestResponse>
+ * @return array<User, string, TestResponse>
*/
protected function startBackupCodeLogin($codes = ['kzzu6-1pgll', 'bzxnf-plygd', 'bwdsp-ysl51', '1vo93-ioy7n', 'lf7nw-wdyka', 'xmtrd-oplac']): array
{
$page->refresh();
$this->assertStringContainsString('<img src=""', $page->html);
}
-
}
public function test_base64_images_get_extracted_from_markdown_page_content()
return Attachment::query()->latest()->first();
}
+ /**
+ * Create a new upload attachment from the given data.
+ */
+ protected function createUploadAttachment(Page $page, string $filename, string $content, string $mimeType): Attachment
+ {
+ $file = tmpfile();
+ $filePath = stream_get_meta_data($file)['uri'];
+ file_put_contents($filePath, $content);
+ $upload = new UploadedFile($filePath, $filename, $mimeType, null, true);
+
+ $this->call('POST', '/attachments/upload', ['uploaded_to' => $page->id], [], ['file' => $upload], []);
+
+ return $page->attachments()->latest()->firstOrFail();
+ }
+
/**
* Delete all uploaded files.
* To assist with cleanup.
$attachment = Attachment::query()->orderBy('id', 'desc')->first();
$this->assertStringNotContainsString($fileName, $attachment->path);
- $this->assertStringEndsWith('.txt', $attachment->path);
+ $this->assertStringEndsWith('-txt', $attachment->path);
+ $this->deleteUploads();
}
public function test_file_display_and_access()
// http-foundation/Response does some 'fixing' of responses to add charsets to text responses.
$attachmentGet->assertHeader('Content-Type', 'text/plain; charset=UTF-8');
$attachmentGet->assertHeader('Content-Disposition', 'inline; filename="upload_test_file.txt"');
+ $attachmentGet->assertHeader('X-Content-Type-Options', 'nosniff');
+
+ $this->deleteUploads();
+ }
+
+ public function test_html_file_access_with_open_forces_plain_content_type()
+ {
+ $page = Page::query()->first();
+ $this->asAdmin();
+
+ $attachment = $this->createUploadAttachment($page, 'test_file.html', '<html></html><p>testing</p>', 'text/html');
+
+ $attachmentGet = $this->get($attachment->getUrl(true));
+ // http-foundation/Response does some 'fixing' of responses to add charsets to text responses.
+ $attachmentGet->assertHeader('Content-Type', 'text/plain; charset=UTF-8');
+ $attachmentGet->assertHeader('Content-Disposition', 'inline; filename="test_file.html"');
$this->deleteUploads();
}
}
}
+ public function test_secure_image_paths_traversal_causes_500()
+ {
+ config()->set('filesystems.images', 'local_secure');
+ $this->asEditor();
+
+ $resp = $this->get('/uploads/images/../../logs/laravel.log');
+ $resp->assertStatus(500);
+ }
+
+ public function test_secure_image_paths_traversal_on_non_secure_images_causes_404()
+ {
+ config()->set('filesystems.images', 'local');
+ $this->asEditor();
+
+ $resp = $this->get('/uploads/images/../../logs/laravel.log');
+ $resp->assertStatus(404);
+ }
+
+ public function test_secure_image_paths_dont_serve_non_images()
+ {
+ config()->set('filesystems.images', 'local_secure');
+ $this->asEditor();
+
+ $testFilePath = storage_path('/uploads/images/testing.txt');
+ file_put_contents($testFilePath, 'hello from test_secure_image_paths_dont_serve_non_images');
+
+ $resp = $this->get('/uploads/images/testing.txt');
+ $resp->assertStatus(404);
+ }
+
public function test_secure_images_included_in_exports()
{
config()->set('filesystems.images', 'local_secure');
projects / bookstack / commitdiff