caching images for 10 days and allowing to use it for ico extension too

Ralf Becker 2017-04-28 16:12:11 +02:00
parent 695cf12ded
commit af780e5168


@ -25,7 +25,7 @@ $path = $GLOBALS['egw_info']['server']['files_dir'].'/anon-images';
if (!file_exists($path) || empty($_GET['src']) || if (!file_exists($path) || empty($_GET['src']) ||
basename($_GET['src']) !== $_GET['src'] || // make sure no directory traversal basename($_GET['src']) !== $_GET['src'] || // make sure no directory traversal
!preg_match('/^[a-z 0-9._-]+\.(jpe?g|png|gif|svg)$/i', $_GET['src']) || // only allow images, not eg. Javascript! !preg_match('/^[a-z 0-9._-]+\.(jpe?g|png|gif|svg|ico)$/i', $_GET['src']) || // only allow images, not eg. Javascript!
!file_exists($path .= '/'.$_GET['src']) || !file_exists($path .= '/'.$_GET['src']) ||
!($fp = fopen($path, 'r'))) !($fp = fopen($path, 'r')))
{ {
@ -34,8 +34,11 @@ if (!file_exists($path) || empty($_GET['src']) ||
} }
else else
{ {
Api\Session::cache_control(864000); // 10 days
$size = filesize($path);
header('ETag: "'.md5($_GET['src'].$size.filemtime($path)).'"');
header('Content-Type: '.Api\MimeMagic::filename2mime($_GET['src'])); header('Content-Type: '.Api\MimeMagic::filename2mime($_GET['src']));
header('Content-Length: '.filesize($path)); header('Content-Length: '.$size);
fpassthru($fp); fpassthru($fp);
fclose($fp); fclose($fp);
} }
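Review bot: The else branch now lets the response be cached for 10 days while Content-Type is still derived from the file name alone (`Api\MimeMagic::filename2mime($_GET['src'])`), and the allowlist accepts `svg` even though its comment says "not eg. Javascript"; an SVG can carry script, and a file whose content does not match its extension would be served under the extension's type. Consider adding `header('X-Content-Type-Options: nosniff');` and, for SVG responses, `header("Content-Security-Policy: script-src 'none'");` next to the Content-Type header. Whether untrusted users can place files in anon-images is not visible here, so treat this as hardening rather than a confirmed hole. Separately, the new ETag is sent but nothing in the visible branch compares it with `$_SERVER['HTTP_IF_NONE_MATCH']` to answer 304, unless `cache_control()` does that internally; the body of the failing `if` branch lies outside the shown hunks.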