mirror/minify
1
0
Fork 0
mirror of https://github.com/mrclay/minify.git synced 2025-08-19 04:11:20 +02:00
Code Issues Releases Wiki Activity

fixes to allowDirs processing, #496, #497, #498

Browse Source 
Merge branch 'pr/496'
This commit is contained in:
Elan Ruusamäe
2016-01-22 08:50:54 +02:00
parent 30961eb2ee 14bde12d3b
commit 72ae74f1c5
2 changed files with 27 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
index.php
View File

@@ -120,6 +120,11 @@ $sourceFactoryOptions = array();
if (isset($min_serveOptions['minApp']['noMinPattern'])) {
$sourceFactoryOptions['noMinPattern'] = $min_serveOptions['minApp']['noMinPattern'];
}
if (isset($min_serveOptions['minApp']['allowDirs'])) {
$sourceFactoryOptions['allowDirs'] = $min_serveOptions['minApp']['allowDirs'];
}
$sourceFactory = new Minify_Source_Factory($env, $sourceFactoryOptions, $cache);
$controller = call_user_func($min_factories['controller'], $env, $sourceFactory);

25
lib/Minify/Source/Factory.php
View File

@@ -110,6 +110,20 @@ class Minify_Source_Factory {
return $realpath;
}
/**
* turn windows-style slashes into unix-style,
* remove trailing slash
* and lowercase drive letter
*
* @param string $path absolute path
*
* @return string
*/
public function getNormalizedPath($path)
{
return lcfirst(rtrim(str_replace('\\', '/', $path), '/'));
}
/**
* @param mixed $spec
*
@@ -139,12 +153,17 @@ class Minify_Source_Factory {
}
if ($this->options['checkAllowDirs']) {
$inAllowedDir = false;
foreach ((array)$this->options['allowDirs'] as $allowDir) {
if (strpos($spec['filepath'], $allowDir) !== 0) {
throw new Minify_Source_FactoryException("File '{$spec['filepath']}' is outside \$allowDirs."
. " If the path is resolved via an alias/symlink, look into the \$min_symlinks option.");
if (strpos($this->getNormalizedPath($spec['filepath']), $this->getNormalizedPath($allowDir)) === 0) {
$inAllowedDir = true;
}
}
if (!$inAllowedDir) {
throw new Minify_Source_FactoryException("File '{$spec['filepath']}' is outside \$allowDirs."
. " If the path is resolved via an alias/symlink, look into the \$min_symlinks option.");
}
}
$basename = basename($spec['filepath']);