/** * Tests derivative creation with several source on a local writable stream. * * @dataProvider providerTestCustomStreamWrappers * * @param string $source_scheme * The source stream wrapper scheme. * @param string $expected_scheme * The derivative expected stream wrapper scheme. */ public function testCustomStreamWrappers($source_scheme, $expected_scheme) { $derivative_uri = $this->imageStyle->buildUri("{$source_scheme}://some/path/image.png"); $derivative_scheme = $this->fileSystem->uriScheme($derivative_uri); // Check that the derivative scheme is the expected scheme. $this->assertSame($expected_scheme, $derivative_scheme); // Check that the derivative URI is the expected one. $expected_uri = "{$expected_scheme}://styles/{$this->imageStyle->id()}/{$source_scheme}/some/path/image.png"; $this->assertSame($expected_uri, $derivative_uri); }
/** * Tests building an image style URL. */ function doImageStyleUrlAndPathTests($scheme, $clean_url = TRUE, $extra_slash = FALSE) { $this->prepareRequestForGenerator($clean_url); // Make the default scheme neither "public" nor "private" to verify the // functions work for other than the default scheme. $this->config('system.file')->set('default_scheme', 'temporary')->save(); // Create the directories for the styles. $directory = $scheme . '://styles/' . $this->style->id(); $status = file_prepare_directory($directory, FILE_CREATE_DIRECTORY); $this->assertNotIdentical(FALSE, $status, 'Created the directory for the generated images for the test style.'); // Create a working copy of the file. $files = $this->drupalGetTestFiles('image'); $file = array_shift($files); $original_uri = file_unmanaged_copy($file->uri, $scheme . '://', FILE_EXISTS_RENAME); // Let the image_module_test module know about this file, so it can claim // ownership in hook_file_download(). \Drupal::state()->set('image.test_file_download', $original_uri); $this->assertNotIdentical(FALSE, $original_uri, 'Created the generated image file.'); // Get the URL of a file that has not been generated and try to create it. $generated_uri = $this->style->buildUri($original_uri); $this->assertFalse(file_exists($generated_uri), 'Generated file does not exist.'); $generate_url = $this->style->buildUrl($original_uri, $clean_url); // Ensure that the tests still pass when the file is generated by accessing // a poorly constructed (but still valid) file URL that has an extra slash // in it. if ($extra_slash) { $modified_uri = str_replace('://', ':///', $original_uri); $this->assertNotEqual($original_uri, $modified_uri, 'An extra slash was added to the generated file URI.'); $generate_url = $this->style->buildUrl($modified_uri, $clean_url); } if (!$clean_url) { $this->assertTrue(strpos($generate_url, 'index.php/') !== FALSE, 'When using non-clean URLS, the system path contains the script name.'); } // Add some extra chars to the token. $this->drupalGet(str_replace(IMAGE_DERIVATIVE_TOKEN . '=', IMAGE_DERIVATIVE_TOKEN . '=Zo', $generate_url)); $this->assertResponse(403, 'Image was inaccessible at the URL with an invalid token.'); // Change the parameter name so the token is missing. $this->drupalGet(str_replace(IMAGE_DERIVATIVE_TOKEN . '=', 'wrongparam=', $generate_url)); $this->assertResponse(403, 'Image was inaccessible at the URL with a missing token.'); // Check that the generated URL is the same when we pass in a relative path // rather than a URI. We need to temporarily switch the default scheme to // match the desired scheme before testing this, then switch it back to the // "temporary" scheme used throughout this test afterwards. $this->config('system.file')->set('default_scheme', $scheme)->save(); $relative_path = file_uri_target($original_uri); $generate_url_from_relative_path = $this->style->buildUrl($relative_path, $clean_url); $this->assertEqual($generate_url, $generate_url_from_relative_path); $this->config('system.file')->set('default_scheme', 'temporary')->save(); // Fetch the URL that generates the file. $this->drupalGet($generate_url); $this->assertResponse(200, 'Image was generated at the URL.'); $this->assertTrue(file_exists($generated_uri), 'Generated file does exist after we accessed it.'); $this->assertRaw(file_get_contents($generated_uri), 'URL returns expected file.'); $image = $this->container->get('image.factory')->get($generated_uri); $this->assertEqual($this->drupalGetHeader('Content-Type'), $image->getMimeType(), 'Expected Content-Type was reported.'); $this->assertEqual($this->drupalGetHeader('Content-Length'), $image->getFileSize(), 'Expected Content-Length was reported.'); if ($scheme == 'private') { $this->assertEqual($this->drupalGetHeader('Expires'), 'Sun, 19 Nov 1978 05:00:00 GMT', 'Expires header was sent.'); $this->assertNotEqual(strpos($this->drupalGetHeader('Cache-Control'), 'no-cache'), FALSE, 'Cache-Control header contains \'no-cache\' to prevent caching.'); $this->assertEqual($this->drupalGetHeader('X-Image-Owned-By'), 'image_module_test', 'Expected custom header has been added.'); // Make sure that a second request to the already existing derivative // works too. $this->drupalGet($generate_url); $this->assertResponse(200, 'Image was generated at the URL.'); // Make sure that access is denied for existing style files if we do not // have access. \Drupal::state()->delete('image.test_file_download'); $this->drupalGet($generate_url); $this->assertResponse(403, 'Confirmed that access is denied for the private image style.'); // Repeat this with a different file that we do not have access to and // make sure that access is denied. $file_noaccess = array_shift($files); $original_uri_noaccess = file_unmanaged_copy($file_noaccess->uri, $scheme . '://', FILE_EXISTS_RENAME); $generated_uri_noaccess = $scheme . '://styles/' . $this->style->id() . '/' . $scheme . '/' . drupal_basename($original_uri_noaccess); $this->assertFalse(file_exists($generated_uri_noaccess), 'Generated file does not exist.'); $generate_url_noaccess = $this->style->buildUrl($original_uri_noaccess); $this->drupalGet($generate_url_noaccess); $this->assertResponse(403, 'Confirmed that access is denied for the private image style.'); // Verify that images are not appended to the response. Currently this test only uses PNG images. if (strpos($generate_url, '.png') === FALSE) { $this->fail('Confirming that private image styles are not appended require PNG file.'); } else { // Check for PNG-Signature (cf. http://www.libpng.org/pub/png/book/chapter08.html#png.ch08.div.2) in the // response body. $this->assertNoRaw(chr(137) . chr(80) . chr(78) . chr(71) . chr(13) . chr(10) . chr(26) . chr(10), 'No PNG signature found in the response body.'); } } else { $this->assertEqual($this->drupalGetHeader('Expires'), 'Sun, 19 Nov 1978 05:00:00 GMT', 'Expires header was sent.'); $this->assertEqual(strpos($this->drupalGetHeader('Cache-Control'), 'no-cache'), FALSE, 'Cache-Control header contains \'no-cache\' to prevent caching.'); if ($clean_url) { // Add some extra chars to the token. $this->drupalGet(str_replace(IMAGE_DERIVATIVE_TOKEN . '=', IMAGE_DERIVATIVE_TOKEN . '=Zo', $generate_url)); $this->assertResponse(200, 'Existing image was accessible at the URL with an invalid token.'); } } // Allow insecure image derivatives to be created for the remainder of this // test. $this->config('image.settings')->set('allow_insecure_derivatives', TRUE)->save(); // Create another working copy of the file. $files = $this->drupalGetTestFiles('image'); $file = array_shift($files); $original_uri = file_unmanaged_copy($file->uri, $scheme . '://', FILE_EXISTS_RENAME); // Let the image_module_test module know about this file, so it can claim // ownership in hook_file_download(). \Drupal::state()->set('image.test_file_download', $original_uri); // Suppress the security token in the URL, then get the URL of a file that // has not been created and try to create it. Check that the security token // is not present in the URL but that the image is still accessible. $this->config('image.settings')->set('suppress_itok_output', TRUE)->save(); $generated_uri = $this->style->buildUri($original_uri); $this->assertFalse(file_exists($generated_uri), 'Generated file does not exist.'); $generate_url = $this->style->buildUrl($original_uri, $clean_url); $this->assertIdentical(strpos($generate_url, IMAGE_DERIVATIVE_TOKEN . '='), FALSE, 'The security token does not appear in the image style URL.'); $this->drupalGet($generate_url); $this->assertResponse(200, 'Image was accessible at the URL with a missing token.'); // Stop supressing the security token in the URL. $this->config('image.settings')->set('suppress_itok_output', FALSE)->save(); // Ensure allow_insecure_derivatives is enabled. $this->assertEqual($this->config('image.settings')->get('allow_insecure_derivatives'), TRUE); // Check that a security token is still required when generating a second // image derivative using the first one as a source. $nested_url = $this->style->buildUrl($generated_uri, $clean_url); $matches_expected_url_format = (bool) preg_match('/styles\\/' . $this->style->id() . '\\/' . $scheme . '\\/styles\\/' . $this->style->id() . '\\/' . $scheme . '/', $nested_url); $this->assertTrue($matches_expected_url_format, "URL for a derivative of an image style matches expected format."); $nested_url_with_wrong_token = str_replace(IMAGE_DERIVATIVE_TOKEN . '=', 'wrongparam=', $nested_url); $this->drupalGet($nested_url_with_wrong_token); $this->assertResponse(403, 'Image generated from an earlier derivative was inaccessible at the URL with a missing token.'); // Check that this restriction cannot be bypassed by adding extra slashes // to the URL. $this->drupalGet(substr_replace($nested_url_with_wrong_token, '//styles/', strrpos($nested_url_with_wrong_token, '/styles/'), strlen('/styles/'))); $this->assertResponse(403, 'Image generated from an earlier derivative was inaccessible at the URL with a missing token, even with an extra forward slash in the URL.'); $this->drupalGet(substr_replace($nested_url_with_wrong_token, '////styles/', strrpos($nested_url_with_wrong_token, '/styles/'), strlen('/styles/'))); $this->assertResponse(403, 'Image generated from an earlier derivative was inaccessible at the URL with a missing token, even with multiple forward slashes in the URL.'); // Make sure the image can still be generated if a correct token is used. $this->drupalGet($nested_url); $this->assertResponse(200, 'Image was accessible when a correct token was provided in the URL.'); // Check that requesting a nonexistent image does not create any new // directories in the file system. $directory = $scheme . '://styles/' . $this->style->id() . '/' . $scheme . '/' . $this->randomMachineName(); $this->drupalGet(file_create_url($directory . '/' . $this->randomString())); $this->assertFalse(file_exists($directory), 'New directory was not created in the filesystem when requesting an unauthorized image.'); }
/** * Generates a derivative, given a style and image path. * * After generating an image, transfer it to the requesting agent. * * @param \Symfony\Component\HttpFoundation\Request $request * The request object. * @param string $scheme * The file scheme, defaults to 'private'. * @param \Drupal\image\ImageStyleInterface $image_style * The image style to deliver. * * @return \Symfony\Component\HttpFoundation\BinaryFileResponse|\Symfony\Component\HttpFoundation\Response * The transferred file as response or some error response. * * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException * Thrown when the user does not have access to the file. * @throws \Symfony\Component\HttpKernel\Exception\ServiceUnavailableHttpException * Thrown when the file is still being generated. */ public function deliver(Request $request, $scheme, ImageStyleInterface $image_style) { $target = $request->query->get('file'); $image_uri = $scheme . '://' . $target; // Check that the style is defined, the scheme is valid, and the image // derivative token is valid. Sites which require image derivatives to be // generated without a token can set the // 'image.settings:allow_insecure_derivatives' configuration to TRUE to // bypass the latter check, but this will increase the site's vulnerability // to denial-of-service attacks. To prevent this variable from leaving the // site vulnerable to the most serious attacks, a token is always required // when a derivative of a style is requested. // The $target variable for a derivative of a style has // styles/<style_name>/... as structure, so we check if the $target variable // starts with styles/. $valid = !empty($image_style) && file_stream_wrapper_valid_scheme($scheme); if (!$this->config('image.settings')->get('allow_insecure_derivatives') || strpos(ltrim($target, '\\/'), 'styles/') === 0) { $valid &= $request->query->get(IMAGE_DERIVATIVE_TOKEN) === $image_style->getPathToken($image_uri); } if (!$valid) { throw new AccessDeniedHttpException(); } $derivative_uri = $image_style->buildUri($image_uri); $headers = array(); // If using the private scheme, let other modules provide headers and // control access to the file. if ($scheme == 'private') { if (file_exists($derivative_uri)) { return parent::download($request, $scheme); } else { $headers = $this->moduleHandler()->invokeAll('file_download', array($image_uri)); if (in_array(-1, $headers) || empty($headers)) { throw new AccessDeniedHttpException(); } } } // Don't try to generate file if source is missing. if (!file_exists($image_uri)) { // If the image style converted the extension, it has been added to the // original file, resulting in filenames like image.png.jpeg. So to find // the actual source image, we remove the extension and check if that // image exists. $path_info = pathinfo($image_uri); $converted_image_uri = $path_info['dirname'] . DIRECTORY_SEPARATOR . $path_info['filename']; if (!file_exists($converted_image_uri)) { $this->logger->notice('Source image at %source_image_path not found while trying to generate derivative image at %derivative_path.', array('%source_image_path' => $image_uri, '%derivative_path' => $derivative_uri)); return new Response($this->t('Error generating image, missing source file.'), 404); } else { // The converted file does exist, use it as the source. $image_uri = $converted_image_uri; } } // Don't start generating the image if the derivative already exists or if // generation is in progress in another thread. $lock_name = 'image_style_deliver:' . $image_style->id() . ':' . Crypt::hashBase64($image_uri); if (!file_exists($derivative_uri)) { $lock_acquired = $this->lock->acquire($lock_name); if (!$lock_acquired) { // Tell client to retry again in 3 seconds. Currently no browsers are // known to support Retry-After. throw new ServiceUnavailableHttpException(3, $this->t('Image generation in progress. Try again shortly.')); } } // Try to generate the image, unless another thread just did it while we // were acquiring the lock. $success = file_exists($derivative_uri) || $image_style->createDerivative($image_uri, $derivative_uri); if (!empty($lock_acquired)) { $this->lock->release($lock_name); } if ($success) { $image = $this->imageFactory->get($derivative_uri); $uri = $image->getSource(); $headers += array('Content-Type' => $image->getMimeType(), 'Content-Length' => $image->getFileSize()); // \Drupal\Core\EventSubscriber\FinishResponseSubscriber::onRespond() // sets response as not cacheable if the Cache-Control header is not // already modified. We pass in FALSE for non-private schemes for the // $public parameter to make sure we don't change the headers. return new BinaryFileResponse($uri, 200, $headers, $scheme !== 'private'); } else { $this->logger->notice('Unable to generate the derived image located at %path.', array('%path' => $derivative_uri)); return new Response($this->t('Error generating image.'), 500); } }
/** * Generates a derivative, given a style and image path. * * After generating an image, transfer it to the requesting agent. * * @param \Symfony\Component\HttpFoundation\Request $request * The request object. * @param string $scheme * The file scheme, defaults to 'private'. * @param \Drupal\image\ImageStyleInterface $image_style * The image style to deliver. * * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException * Thrown when the user does not have access to the file. * @throws \Symfony\Component\HttpKernel\Exception\ServiceUnavailableHttpException * Thrown when the file is still being generated. * * @return \Symfony\Component\HttpFoundation\BinaryFileResponse|\Symfony\Component\HttpFoundation\Response * The transferred file as response or some error response. */ public function deliver(Request $request, $scheme, ImageStyleInterface $image_style) { $target = $request->query->get('file'); $image_uri = $scheme . '://' . $target; // Check that the style is defined, the scheme is valid, and the image // derivative token is valid. Sites which require image derivatives to be // generated without a token can set the // 'image.settings:allow_insecure_derivatives' configuration to TRUE to // bypass the latter check, but this will increase the site's vulnerability // to denial-of-service attacks. $valid = !empty($image_style) && file_stream_wrapper_valid_scheme($scheme); if (!$this->config('image.settings')->get('allow_insecure_derivatives')) { $valid &= $request->query->get(IMAGE_DERIVATIVE_TOKEN) === $image_style->getPathToken($image_uri); } if (!$valid) { throw new AccessDeniedHttpException(); } $derivative_uri = $image_style->buildUri($image_uri); $headers = array(); // If using the private scheme, let other modules provide headers and // control access to the file. if ($scheme == 'private') { if (file_exists($derivative_uri)) { return parent::download($request, $scheme); } else { $headers = $this->moduleHandler()->invokeAll('file_download', array($image_uri)); if (in_array(-1, $headers) || empty($headers)) { throw new AccessDeniedHttpException(); } } } // Don't try to generate file if source is missing. if (!file_exists($image_uri)) { watchdog('image', 'Source image at %source_image_path not found while trying to generate derivative image at %derivative_path.', array('%source_image_path' => $image_uri, '%derivative_path' => $derivative_uri)); return new Response($this->t('Error generating image, missing source file.'), 404); } // Don't start generating the image if the derivative already exists or if // generation is in progress in another thread. $lock_name = 'image_style_deliver:' . $image_style->id() . ':' . Crypt::hashBase64($image_uri); if (!file_exists($derivative_uri)) { $lock_acquired = $this->lock->acquire($lock_name); if (!$lock_acquired) { // Tell client to retry again in 3 seconds. Currently no browsers are // known to support Retry-After. throw new ServiceUnavailableHttpException(3, $this->t('Image generation in progress. Try again shortly.')); } } // Try to generate the image, unless another thread just did it while we // were acquiring the lock. $success = file_exists($derivative_uri) || $image_style->createDerivative($image_uri, $derivative_uri); if (!empty($lock_acquired)) { $this->lock->release($lock_name); } if ($success) { drupal_page_is_cacheable(FALSE); $image = $this->imageFactory->get($derivative_uri); $uri = $image->getSource(); $headers += array('Content-Type' => $image->getMimeType(), 'Content-Length' => $image->getFileSize()); return new BinaryFileResponse($uri, 200, $headers); } else { watchdog('image', 'Unable to generate the derived image located at %path.', array('%path' => $derivative_uri)); return new Response($this->t('Error generating image.'), 500); } }