verbose("referer host = {$refererHost}"); $autoloader = getConfig('autoloader', false); $cimageClass = getConfig('cimage_class', false); if ($autoloader) { require $autoloader; } elseif ($cimageClass) { require $cimageClass; } $img = new CImage(); $img->setVerbose($verbose || $verboseFile); $allowRemote = getConfig('remote_allow', false); if ($allowRemote && $passwordMatch !== false) { $pattern = getConfig('remote_pattern', null); $img->setRemoteDownload($allowRemote, $pattern); $whitelist = getConfig('remote_whitelist', null); $img->setRemoteHostWhitelist($whitelist); } $shortcut = get(array('shortcut', 'sc'), null); $shortcutConfig = getConfig('shortcut', array('sepia' => "&f=grayscale&f0=brightness,-10&f1=contrast,-20&f2=colorize,120,60,0,0&sharpen")); verbose("shortcut = {$shortcut}"); if (isset($shortcut) && isset($shortcutConfig[$shortcut])) { parse_str($shortcutConfig[$shortcut], $get); verbose("shortcut-constant = {$shortcutConfig[$shortcut]}"); $_GET = array_merge($_GET, $get); } $srcImage = urldecode(get('src')) or errorPage('Must set src-attribute.', 404); $imagePath = getConfig('image_path', __DIR__ . '/img/'); $imagePathConstraint = getConfig('image_path_constraint', true); $validFilename = getConfig('valid_filename', '#^[a-z0-9A-Z-/_ \\.:]+$#'); $dummyEnabled = getConfig('dummy_enabled', true); $dummyFilename = getConfig('dummy_filename', 'dummy');
/** * Test * * @param string $hostname not matching the whitelist * * @return void * * @dataProvider providerHostnameNoMatch * */ public function testRemoteHostWhitelistNoMatch($hostname) { $img = new CImage(); $img->setRemoteHostWhitelist($this->remote_whitelist); $res = $img->isRemoteSourceOnWhitelist("http://{$hostname}/img.jpg"); $this->assertFalse($res, "Should not be a valid hostname on the whitelist: '{$hostname}'."); }