authorWim Leers2013-03-10 11:23:36 (GMT)
committer Wim Leers2013-03-10 11:23:36 (GMT)
commitc9b98bf5c8254b0c6d721fea8b5bf1ac3a827df5 (patch)
tree3d9fbb49e13e3095279c474ce0fe17cf08819c7c
parent31b46c6f4f17c3371ceae970064313b38e83fcea (diff)
Issue #1926884 by Wim Leers: CDN module is not compatible with security fix in Drupal core update 7.207.x-2.6
-rw-r--r--cdn.fallback.inc6
-rw-r--r--cdn.test35
2 files changed, 29 insertions, 12 deletions
diff --git a/cdn.fallback.inc b/cdn.fallback.inc
index 55aec64..e682b55 100644
--- a/cdn.fallback.inc
+++ b/cdn.fallback.inc
@@ -24,13 +24,13 @@ function cdn_html_alter_image_urls(&$html) {
$pattern = "#((<a\s+|<a\s+[^>]*\s+)href\s*=\s*[\"|'])($url_prefix_regex)([^\"|^'|^\?]*)()(\?[^\"|^']*)?";
$pattern .= "("; // Capture everything after the path.
$pattern .= "([\"|'][^>]*)>"; // End of opening <a> tag.
- $pattern .= "((<img\s+|<img\s+[^>]*\s+)src\s*=\s*[\"|'])([^\"|^']*)([\"|'])"; // Wrapped <img> tag.
+ $pattern .= "((<img\s+|<img\s+[^>]*\s+)src\s*=\s*[\"|'])([^\"|^'|^\?]*)()(\?[^\"|^']*)?([\"|'])"; // Wrapped <img> tag.
$pattern .= ")#i";
- _cdn_html_alter_file_url($html, $pattern, 0, 4, 5, 1, 7, 11);
+ _cdn_html_alter_file_url($html, $pattern, 0, 4, 6, 1, 7, 11);
// Image file URLs in <img> tags.
$pattern = "#((<img\s+|<img\s+[^>]*\s+)src\s*=\s*[\"|'])($url_prefix_regex)([^\"|^'|^\?]*)()(\?[^\"|^']*)?([\"|'])#i";
- _cdn_html_alter_file_url($html, $pattern, 0, 4, 5, 1, 7);
+ _cdn_html_alter_file_url($html, $pattern, 0, 4, 6, 1, 7);
}
/**
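Review bot: In the added `<img>` part of the linked-image pattern, `|` and a non-leading `^` inside a character class are literal members, so `[^\"|^'|^\?]` also stops the path at `|` or `^`, and `[\"|']` accepts `|` as an attribute delimiter. A URL containing either character is then either not matched at all or matched only up to that character, which matters now that the query string (such as the `itok` value used in the tests) has to pass through unchanged. The classes would be clearer and stricter as `[^\"'?]`, `[^\"']` and `[\"']`; the same idiom sits in the unchanged `<a>` and plain `<img>` patterns of this function and should change with it. The calls also pass bare group numbers (`0, 4, 6, 1, 7, 11`) that this commit had to renumber by hand, so a short comment above each call naming what groups 4, 6, 7 and 11 capture would make the next pattern edit safer. `_cdn_html_alter_file_url()` is outside the hunk, so it should be confirmed there that group 11, which now holds the image path without its query string, is still what the helper expects.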
diff --git a/cdn.test b/cdn.test
index 1b292dd..b341d92 100644
--- a/cdn.test
+++ b/cdn.test
@@ -496,24 +496,41 @@ class CDNImageTestCase extends CDNTestCase {
$html = $template($img_url);
cdn_html_alter_image_urls($html);
$this->assertIdentical($template($cdn . $img_url), $html, 'Image HTML correctly altered.');
- // Query strings should be stripped
- $html = $template($img_url . '?foobar');
+ // Query strings should not be stripped
+ $img_url = base_path() . 'foo/bar/image.png?foobar';
+ $html = $template($img_url);
+ cdn_html_alter_image_urls($html);
+ $this->assertIdentical($template($cdn . $img_url), $html, 'Image HTML correctly altered (query string not stripped).');
+ // In particular: not the query string used to generate image styles.
+ $img_url = base_path() . 'foo/bar/image.png?itok=1234abcd';
+ $html = $template($img_url);
cdn_html_alter_image_urls($html);
- $this->assertIdentical($template($cdn . $img_url), $html, 'Image HTML correctly altered (query string stripped).');
+ $this->assertIdentical($template($cdn . $img_url), $html, 'Image HTML correctly altered (image style query string not stripped).');
// Edge case: a script generating an image is not (yet) supported.
- $img_url = base_path() . 'foo/bar/showimage';
- $html = $template($img_url . '?formula=12345.png');
+ $img_url = base_path() . 'foo/bar/showimage?formula=12345.png';
+ $html = $template($img_url);
cdn_html_alter_image_urls($html);
- $this->assertIdentical($template($cdn . $img_url), $html, 'Image HTML correctly altered (query string stripped).');
+ $this->assertIdentical($template($cdn . $img_url), $html, 'Image HTML correctly altered (query string not stripped).');
// Image altering type 2: "linked image", i.e. "<a><img /></a>"..
$template = function($a_url, $img_url) {
return '<a href="' . $a_url . '"><img src="' . $img_url . '" /></a>';
};
- // Simplest case possible.
+ // Simplest case possible: a linked image linking to the same image.
$img_base_url = base_path() . 'foo/bar/image';
- $a_url = $img_base_url . '.png';
- $img_url = $img_base_url . '-thumbnail.png';
+ $a_url = $img_url = $img_base_url . '.png';
+ $html = $template($a_url, $img_url);
+ cdn_html_alter_image_urls($html);
+ $this->assertIdentical($template($cdn . $a_url, $cdn . $img_url), $html, 'Linked image HTML correctly altered.');
+ // Slightly more complex: a linked image linking to a derivative image.
+ $img_url = $img_base_url . '-thumbnail.png?itok=5678wxyz';
+ $html = $template($a_url, $img_url);
+ cdn_html_alter_image_urls($html);
+ $this->assertIdentical($template($cdn . $a_url, $cdn . $img_url), $html, 'Linked image HTML correctly altered.');
+ // Slightly more complex: a linked derivative image linking to another
+ // derivative image.
+ $a_url = $img_base_url . '-large.png?itok=9012klmn';
+ $img_url = $img_base_url . '-thumbnail.png?itok=5678wxyz';
$html = $template($a_url, $img_url);
cdn_html_alter_image_urls($html);
$this->assertIdentical($template($cdn . $a_url, $cdn . $img_url), $html, 'Linked image HTML correctly altered.');
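Review bot: The comment `// Edge case: a script generating an image is not (yet) supported.` no longer matches the assertion under it, which now expects `showimage?formula=12345.png` to be rewritten with its query string kept; it could read `// Edge case: a script generating an image; the query string must be kept.` The new cases appear to use only double-quoted attributes (the linked-image template is visible, the first template is defined outside the hunk), while the patterns in cdn.fallback.inc also accept single quotes, so one single-quoted `itok` case would cover that branch. A case with more than one query parameter, for example `?itok=1234abcd&amp;foo=bar` (constructed value), would pin that the whole query string survives rewriting rather than a single token. The test method starts and ends outside this hunk.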