From: Haxatron <redacted>
Date: Tue, 26 Oct 2021 01:39:16 +0000 (+0800)
Subject: Update ImageRepo.php
X-Git-Tag: v21.10.1^2~2^2
X-Git-Url: http://source.bookstackapp.com/bookstack/commitdiff_plain/64937ab826b56d086af9ecea532510d37520ebc8

Update ImageRepo.php

fix image validation vulnerability
---

diff --git a/app/Uploads/ImageRepo.php b/app/Uploads/ImageRepo.php
index c4205e357..e76a0a97d 100644
--- a/app/Uploads/ImageRepo.php
+++ b/app/Uploads/ImageRepo.php
@@ -38,7 +38,7 @@ class ImageRepo
      */
     public function imageExtensionSupported(string $extension): bool
     {
-        return in_array(trim($extension, '. \t\n\r\0\x0B'), static::$supportedExtensions);
+        return in_array(trim($extension, ". \t\n\r\0\x0B"), static::$supportedExtensions);
     }
 
     /**