mirror of
https://github.com/mrclay/minify.git
synced 2025-08-19 12:21:20 +02:00
@@ -120,6 +120,11 @@ $sourceFactoryOptions = array();
|
||||
if (isset($min_serveOptions['minApp']['noMinPattern'])) {
|
||||
$sourceFactoryOptions['noMinPattern'] = $min_serveOptions['minApp']['noMinPattern'];
|
||||
}
|
||||
|
||||
if (isset($min_serveOptions['minApp']['allowDirs'])) {
|
||||
$sourceFactoryOptions['allowDirs'] = $min_serveOptions['minApp']['allowDirs'];
|
||||
}
|
||||
|
||||
$sourceFactory = new Minify_Source_Factory($env, $sourceFactoryOptions, $cache);
|
||||
|
||||
$controller = call_user_func($min_factories['controller'], $env, $sourceFactory);
|
||||
|
@@ -110,6 +110,20 @@ class Minify_Source_Factory {
|
||||
return $realpath;
|
||||
}
|
||||
|
||||
/**
|
||||
* turn windows-style slashes into unix-style,
|
||||
* remove trailing slash
|
||||
* and lowercase drive letter
|
||||
*
|
||||
* @param string $path absolute path
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function getNormalizedPath($path)
|
||||
{
|
||||
return lcfirst(rtrim(str_replace('\\', '/', $path), '/'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @param mixed $spec
|
||||
*
|
||||
@@ -139,12 +153,17 @@ class Minify_Source_Factory {
|
||||
}
|
||||
|
||||
if ($this->options['checkAllowDirs']) {
|
||||
$inAllowedDir = false;
|
||||
foreach ((array)$this->options['allowDirs'] as $allowDir) {
|
||||
if (strpos($spec['filepath'], $allowDir) !== 0) {
|
||||
throw new Minify_Source_FactoryException("File '{$spec['filepath']}' is outside \$allowDirs."
|
||||
. " If the path is resolved via an alias/symlink, look into the \$min_symlinks option.");
|
||||
if (strpos($this->getNormalizedPath($spec['filepath']), $this->getNormalizedPath($allowDir)) === 0) {
|
||||
$inAllowedDir = true;
|
||||
}
|
||||
}
|
||||
|
||||
if (!$inAllowedDir) {
|
||||
throw new Minify_Source_FactoryException("File '{$spec['filepath']}' is outside \$allowDirs."
|
||||
. " If the path is resolved via an alias/symlink, look into the \$min_symlinks option.");
|
||||
}
|
||||
}
|
||||
|
||||
$basename = basename($spec['filepath']);
|
||||
|
Reference in New Issue
Block a user