mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-28 12:30:42 +02:00
Code Issues Releases Wiki Activity

[ticket/security-259] Stop checking image size of images in img bbcode

Browse Source 
SECURITY-259
This commit is contained in:
Marc Alexander
2020-06-25 22:20:58 +02:00
parent 2afa989500
commit d0e2023a63
4 changed files with 2 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
tests/text_processing/message_parser_test.php
View File

@@ -342,26 +342,6 @@ class phpbb_text_processing_message_parser_test extends phpbb_test_case
},
array('You may only use fonts up to size 120.')
),
array(
'[img]http://example.org/100x100.png[/img]',
'<r>[img]<URL url="http://example.org/100x100.png">http://example.org/100x100.png</URL>[/img]</r>',
array(true, true, true, true, true, true, true),
function ($phpbb_container)
{
$phpbb_container->get('config')->set('max_post_img_height', 12);
},
array('Your images may only be up to 12 pixels high.')
),
array(
'[img]http://example.org/100x100.png[/img]',
'<r>[img]<URL url="http://example.org/100x100.png">http://example.org/100x100.png</URL>[/img]</r>',
array(true, true, true, true, true, true, true),
function ($phpbb_container)
{
$phpbb_container->get('config')->set('max_post_img_width', 34);
},
array('Your images may only be up to 34 pixels wide.')
),
array(
'[img]http://example.org/100x100.png[/img]',
'<r><IMG src="http://example.org/100x100.png"><s>[img]</s><URL url="http://example.org/100x100.png">http://example.org/100x100.png</URL><e>[/img]</e></IMG></r>',
@@ -392,16 +372,6 @@ class phpbb_text_processing_message_parser_test extends phpbb_test_case
$phpbb_container->get('config')->set('max_sig_img_width', 34);
}
),
array(
'[img]http://example.org/404.png[/img]',
'<r>[img]<URL url="http://example.org/404.png">http://example.org/404.png</URL>[/img]</r>',
array(true, true, true, true, true, true, true),
function ($phpbb_container)
{
$phpbb_container->get('config')->set('max_post_img_height', 12);
},
array('It was not possible to determine the dimensions of the image.')
),
array(
'[flash=999,999]http://example.org/foo.swf[/flash]',
'<r>[flash=999,999]<URL url="http://example.org/foo.swf">http://example.org/foo.swf</URL>[/flash]</r>',