diff options
| author | Georg Ehrke <developer@georgehrke.com> | 2016-06-27 21:26:56 +0200 |
|---|---|---|
| committer | Thomas Müller <DeepDiver1975@users.noreply.github.com> | 2016-06-27 21:26:56 +0200 |
| commit | f107be3d295d5a7cae7bc43559396b56030fc57c (patch) | |
| tree | 6df4161053304f7fc966253b1fe3c140fd68c558 /apps/dav/lib | |
| parent | 06331625a9242ca68a009ad8b7ddadf2de693ddb (diff) | |
| download | nextcloud-server-f107be3d295d5a7cae7bc43559396b56030fc57c.tar.gz nextcloud-server-f107be3d295d5a7cae7bc43559396b56030fc57c.zip | |
fix a ImageExportPlugin Test (#25215)
Diffstat (limited to 'apps/dav/lib')
| -rw-r--r-- | apps/dav/lib/CardDAV/ImageExportPlugin.php | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/apps/dav/lib/CardDAV/ImageExportPlugin.php b/apps/dav/lib/CardDAV/ImageExportPlugin.php index 3f505222491..fcd36b3ff35 100644 --- a/apps/dav/lib/CardDAV/ImageExportPlugin.php +++ b/apps/dav/lib/CardDAV/ImageExportPlugin.php @@ -108,8 +108,18 @@ class ImageExportPlugin extends ServerPlugin { $photo = $vObject->PHOTO; $type = $this->getType($photo); - $valType = $photo->getValueType(); - $val = ($valType === 'URI' ? $photo->getRawMimeDirValue() : $photo->getValue()); + $val = $photo->getValue(); + if ($photo->getValueType() === 'URI') { + $parsed = \Sabre\URI\parse($val); + //only allow data:// + if ($parsed['scheme'] !== 'data') { + return false; + } + if (substr_count($parsed['path'], ';') === 1) { + list($type,) = explode(';', $parsed['path']); + } + $val = file_get_contents($val); + } return [ 'Content-Type' => $type, 'body' => $val |