tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-07-25 23:04:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4227 from Icinga/fix/incorrect-module-image-delivery

Browse Source 
static/img: Make sure to correctly access module images
This commit is contained in:
Johannes Meyer 2020-08-19 11:02:23 +02:00 committed by GitHub
commit 86ca586dd6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
application/controllers/StaticController.php
View File

@ -68,16 +68,16 @@ class StaticController extends Controller
*/ */
public function imgAction() public function imgAction()
{ {
$moduleRoot = Icinga::app() $imgRoot = Icinga::app()
->getModuleManager() ->getModuleManager()
->getModule($this->getParam('module_name')) ->getModule($this->getParam('module_name'))
->getBaseDir(); ->getBaseDir() . '/public/img/';
$file = $this->getParam('file'); $file = $this->getParam('file');
$filePath = realpath($moduleRoot . '/public/img/' . $file); $filePath = realpath($imgRoot . $file);
if ($filePath === false) { if ($filePath === false || substr($filePath, 0, strlen($imgRoot)) !== $imgRoot) {
$this->httpNotFound('%s does not exist', $filePath); $this->httpNotFound('%s does not exist', $file);
} }
if (preg_match('/\.([a-z]+)$/i', $file, $m)) { if (preg_match('/\.([a-z]+)$/i', $file, $m)) {