- Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathStreamWrapperChecker.php
More file actions
46 lines (36 loc) · 828 Bytes
/
StreamWrapperChecker.php
File metadata and controls
46 lines (36 loc) · 828 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
<?php
namespace Mpdf\File;
use Mpdf\Mpdf;
final class StreamWrapperChecker
{
private $mpdf;
public function __construct(Mpdf $mpdf)
{
$this->mpdf = $mpdf;
}
/**
* @param string $filename
* @return bool
* @since 7.1.8
*/
public function hasBlacklistedStreamWrapper($filename)
{
if (strpos($filename, '://') > 0) {
$wrappers = stream_get_wrappers();
$whitelistStreamWrappers = $this->getWhitelistedStreamWrappers();
foreach ($wrappers as $wrapper) {
if (in_array($wrapper, $whitelistStreamWrappers)) {
continue;
}
if (stripos($filename, $wrapper . '://') === 0) {
return true;
}
}
}
return false;
}
public function getWhitelistedStreamWrappers()
{
return array_diff($this->mpdf->whitelistStreamWrappers, ['phar']); // remove 'phar' (security issue)
}
}