From 2c4d3c9f98f3e62b650ca22085e0c8ee8379ae10 Mon Sep 17 00:00:00 2001 From: Luke Towers Date: Tue, 8 Sep 2020 16:04:40 -0600 Subject: [PATCH] Fix issue where URLs generated by the ImageResizer were not correctly encoded. Related https://github.com/laravel/framework/issues/34199 --- modules/system/classes/ImageResizer.php | 5 ++++- tests/fixtures/media/october space.png | Bin 0 -> 6733 bytes tests/unit/system/classes/ImageResizerTest.php | 15 +++++++++++++++ 3 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 tests/fixtures/media/october space.png diff --git a/modules/system/classes/ImageResizer.php b/modules/system/classes/ImageResizer.php index 2e5570ac5..0b1ae8af5 100644 --- a/modules/system/classes/ImageResizer.php +++ b/modules/system/classes/ImageResizer.php @@ -500,7 +500,10 @@ class ImageResizer $url = $resizedDisk->url($this->getPathToResizedImage()); } - return $url; + // Ensure that a properly encoded URL is returned + $segments = explode('/', $url); + $lastSegment = array_pop($segments); + return implode('/', $segments) . '/' . rawurlencode(rawurldecode($lastSegment)); } /** diff --git a/tests/fixtures/media/october space.png b/tests/fixtures/media/october space.png new file mode 100644 index 0000000000000000000000000000000000000000..abf039cf0309b8ca30dd42616033077c700c1306 GIT binary patch literal 6733 zcmZ`;cTf}2x85X#5{l9iAt)sj0TX%$MQV_y^b#OSCm}=#9W}8b(osYODT?#}0)YUQ zfYPLhC`AE@g3?4$l&-w^oA<|W-prewyLaw6-}%m-Gdpwdew%XA!CDX|2?GE?&<1Pa z#F?l54PI`}9qILo#+kT+kJ}#yfJd49yQiU?wTwU3$sPa_6aj#G83499Ch7tJM5_b9 z5*`2yZvy~=T+nvPnB(9+V{2^z?ESlnpOoL=Sa>Kl_Le+sehBXYb#eKzEDrdUjm2@7 zxc4jf;*(rQ89mQzcrWoifT)}jmcNLKHglG`pG@@$E_QzU7Urxd%n$8wHK8 z{uVOU-xKPfD!C^fI#s%;xYoH8o8$9TRA07ieyH$FjmC@VyTXf?_yxdLV1HU99*Iv} zi%_K+7K?0(dGNYG7^XKmD_E5Y+;rdoD2+!ETPxyUdwcfGaJw=_QS)-%H;jS zJq`U+MBG5TK%5|q!&T)v3D@V@EZn+~?+P_O&C0(-Qa()1=xE+YMw4-N1cn_$VAF)G zwwmH)1RaW*xK4dQMbiEpe3Gk(2a%Dh+VwUi&TOJjojn9&t=s4`9>jjd{Wx|wqzoJ^ zOuR&kqV-cx7fydNgG@^cUS0|c^1Ncm7245kLQeN=6kJ=?-QXtioWD|9SoyZI3oMBp z>$S&z!Oj4rbHb~l?9%~ij`VxrJiUpRRB!5qo~M5pxG=~nu!@?i$TBO(1P-}!@9x*v zQJ*l?3><=dGnZ>PXJ{l-?ZlsF-yee_dr|A7-)gem*cYe?3aU=R?Buw!}p3aiOgD#j(^GFaq^Zg6K0o zP5b(8(bI@QR_<`SJZI%g6ebF?rh_zR!hh_)1=gY#fgXq}Gsu-SlVx(s_D0^6`2MUX zbqcH!Y~&AeYI37^9Goc`=Z(JS#jM5W1GoqYBJf?d%THr?urUdnO7%~(ECj@s+8k)h z6+YS6$)~q`+`(}NoqZ%c`~gabzacMER9UZNSefkS(Ncn?&hhfAJrb-$OQbtsz+qAn zpUzQ>kg4v)!%zWSY1*^_R;#lA>QrU>q=msE-Jjc<;!78<(NW3Chaab>40S389m(IDW-9@wYg=)uur*?YJ z=cT?E+N9Ai9vhnSd6BSHpRa0}!?2o_`t!D7trp4aeA0WYpmOM&Jr*(yJ zkq3ROQRD2PG1FK=8DKEX+qPSB3ytre!qRVFLcOx3MdAEFwWilwKJ6zX+qPO>nIs%dL|qBqP}m>O zR}k+lWS%kk_1nbf@y5@$Oq~R={+30Q{UX?RXf9Rv1!dv^_sFVCEhl+gV$U``6z410 zEK_FXvc_`7Kl`@lJ#D+0D4Q&2EA@DNkkZh45JVPT&&Bn28yg=?k6Mpi11uEOax}BjaebL)T+8xL}0CBAXXsu`&p%u zsL_WS@a#we*)Vwlp ztI%z2uo|dEZlyjfJ+-;~lD`gDiq}(6QW+ehCwa+*{Zofoe|0LHpJ*XTu!9tuJKV~X zyJJ|pWIA{Gnih}SJpkkM^P5X4Dz&akR%*9nU` zS5&R94{kn=QSGJu_5~O4PeF+pZ>^MdKXhVydTOK$l%1;Jn8Yzbc78^!&WO+RKrKeK zh_d*m_V8GV$i&gjsLoGZ@-t4f{+yRth6-JUkd~aUP=_xP{p(`GcQ2zyNLy#{!H(VG zhn@7pZm*CYsgJ@ED2xjeb!jDz7g$&F?J7Bi zInw$~{b>)tj~qrR(`72+{W0f98lu5StZSo0_sgvs6RN*B^B3Klc2?MIaV#(NNuL1= zdanci`eeXtA`Y0<2SVpGr@EsH2H~Xr4US??(m!2X_tWV8fXxeZ5oyi)7>}WVt!RFD z;Q)`Upt$S3=j-rQ6GOf%%Iy$8%k|l9sJ4{?HfKkD5;M^D1}q%=(_`S&wyBG4n0UKL zcZ12zCgOC308?^8frWTe!ivK;doc?cMx+hiUJIQs)k>}?o8E}^)e)8B4K|9xWmjcP z=C>#2+`Ixm%0aY1DY{q6NS745?~dlz6?T(VA}I=UI;$Uh3uluUWS?p=eemFs#X)|; zF+2VlR&s!RLngs~^@SBXhLt@Kk?K=v`(rP_vTALIfSoag*7DoGn0pQ_vr5Pg6;ZCA zv%K=@NEo=RGf&WMNRlm=XfT5g7w zOr>|bvZG0u6x>2J{1N$F)>O-RkmEJ(VujoU#q76q*sMxrf*W7XerZC}2%OEm@WN&i zrGMyM)N=KMoCd}2m4rz!&fvVe%aAT{_Vru3-SkUM=+H&IOmoR=rKA>Z`k zU<4l_)4CBg0&;jl8+eP*zkQ&^kyuYgW!37JRNE)ZMD*t!KWnKH4v@4Z#~g;AR;R1P zN;;%nsXPP0{JbiW(iP3MR_fMf;8OLnsyXA0Lgr-WZ|J(2bB@c_oBehdEu~0-Q>@(k zuXSDjGPD{tkWyrG-W~l6m7{F#WZtO*Qj54d{-5u!RaOylWfLPiKrP6>dY*QccWxQD z2bKxHc=lep=tpiP2r%gm%yVZ6)-lKa$ zKQ{MtzW-i@r%uXdY)LDTja1212WUt;0a}$l4M{89f3mCmAnkq@b<&3B+*P4|1ShZ3 zL_fNQo|1C?E7q@ThlAIO*}|f{?&~I;`hv^NZdNQV?lV0SR*$DiQa>9C#EA=O6>u>)zc0LZ{i^EgF^?~PMYpFW!a1)L)%*JbLy780-Jvm9mL9`! z73k=TACU{9v*u2%byjRXHk=(Uf9Io^HPu@@+4i0Fd|DOac=8Nz3{o|?5!01^XqM0a z<3*qrKv%QdZb8OD7r^R04te_b8l<^{;){RR2- zCMlyn4+BKgNX^HewfeZ1TwWzrjeNsliwp+%g4KJZ+R`Vjc8K-tklQO2eAHn~p!Y~Y z_0y9FW7d-i8udOxN$+3(xjxr@$UF^QtT_zBJ7eJv`TLsl(jN|aQ;&i3Kt(ZYtv=~S zo;9p@?N{F%5p5q0Ix?Ai&$Ibjw5s}8_=V(ebn(74n>i!A2!hNvdrV2pSap<$Zx`@* z{k(MQ&^tMDUmG2AG-Ell=c7}z#EsfTpLMV1{`N~~kvqnacVA;{T)R8F?lW;O74J=s zDND#~op&b%aOqObX^U8dcV3f-hh)wbbMzGax*X*TKl}_zTQ01bUkk4qc3;u39n``T;Chotd!KeqTMaK5I9Lo<8y;&6%%g@sDTjR z{7@r`IkpQL!eCRhup2wuu=M zYgVNx*_bdwgW25pf?5AvkVeq$7vUdsSgy(h)9aQtf-*WyYJ{u|+uzRY+I>1E<;awV#DdVuoo;D!HV&!rg#qT(G({{UUz1;YjG|6tw#m^G7-jjM29LUH^> zG2Ld=Shx~9fvsAYzHH5kYWBG)h`ifRjitOBRUMV}l;6ne?2h4T?!ekyQ9hK>=kLLM zg;XU6ooSLhme?41BU_R>N%MmYhO)+Z^m+98_fC9J(_!hTlJ6}?|1u3z41@fo24oW* zw6L1uee%k`$vEE=3HG}586xLA>$S6?!{d<#zWn+y>jUlFSEbicvP6t&+l>5bL7;coo^3<&<;=I5wfBBJlqTLvi5x& zm{mRYC6}2`L20q3L(TR-DM$2VKmT0{e`1=S;gcjVAT;bmSNKDHO}{NTt&K-sE)Bm& zeWviG$PQyqq$ttr$-=7RK~y8rN>AzQk~XNjL5d?+wNI;>ZMWO=Y{wgB6rp;us)$zx zb@`Ly3D4;Ljb9JvpyH*-%Id?jljpeO2G>)YI3HMURa!^m8b9TTPpB_5@=Z1*Zy}e* zLK>qRUw6_h?!c8bJzpP?mopez+ezY8rUgGCa*?1TU6$>o>qBiTAx995a~am~rxNSczQ?VLTlH9Zz)w?-@Heelp#%d=`(q_X+9 zAGR>S?^O>;H^()H+|lOAhm$Ya@*R0~pL~jt?RDcFl@4seoxDokuATKxmnYUmE#42W z)!RI}N|u4wqWSA-7V>r0Fwj=bdLdqkP8vo^%X__=Rk$W}A3)mI0 z6}@>6g3-LjpB-gi^^HEME}y-{21u>&P4U%|R73>*iq^0WYW~Slm!@W}K~}T4Q_oz$ z?qGJ>l3H({2xrGK)syD?v-A`<|0+V#>3yvqu+h%DX;5F%?mGv=eMj`}yZ>9&s4cti z+MGBxTx5pPS91!%{Ckyh+?Hnaqw$-~!O*!3E4dsVIpMwr08g+4hg|3=G0{_^r3!p| z&|6|V(^U9t=Si;Y@4XGa7ZrQc%$(@jnQNl(A=4IkrNd|Mh}C9+vGP2?nj1V>j{TFX zaL|_p!yWo1nNzXkomx$KklM}-_C`5ne~p*MM+q~7*d!_akcuUSNbjxT=~53HFIxYg z7fE?lR6ft)bDgi%{TyTxZP0)pA+b46Al!$4&X`>_CN~v3#`sL79 zCa<;=7c~Sz#LuG5B|Vsj7&X?D7^P9XZ|T0RCQ{UgPRm0tw6Jp3{h~2Xz&t_m9I=I8 z${5OSx0SFbJ%uc$e5vv>dTe2KWktD^ojuM;X~InY%|eHm*yiaVnA}mFGxK?wZ&;Rx z28`K;yZvU1Cv*-?_k;1=BWfLqw%;FLNi{BhcK0{#9KfQ#$V6v9>~0w3>!M?RE%@H0 z&Bz7Mdl_FKL75jOD9TPRzrV{GtM>&E25BBw0$%UA=2^NC(jO5W!E{+@T2ceqW`VQW zpYa+pEZ%0}y^}3a(p^6q!#f~|*GAaAr7j^B=P0w)4Cf+u}D&HPe>|6`5`M%$fqG-JH7O^ zj!Uj9+R~w7M%<9-3qjCoKh#K&_|;8?TW;NE{6cZT(*;DByp(9H@Li+T;{EBUyQ!4b zc(c>|yc}zO8X;cEN!2_TsgR|J)Ec-T3iHOZEQ`JOO#!>zBDUiJzFbc$I+&TksD~>j zC%{n5&s9B{?0)Z*y~9|OlPi6zW3rXe^N`%yTXOE~NQjU4D$0MQDq8ZFR}m_)a2!%C zt_`i#S_n%g#2>6bQEt|Km#2V#0IaJ*gyCX`b!2wT5yDo9v&1TBoaExv+5u2-=3(-p z`NsZ{Yk$$5HjJh8sw}WWFp|G~nISf+^b2%AhoHfcDfmjq0>zz@eq9^(vzlIz#@eLv z&=jHeXk6JXA^(qMsLu=}CE$G}JT%|}Y{c-yX=na%f-TQUz9eY__gGMUw9ph=jneBAx)tT)|)eso&2;0@|<~Yi=>=rN&D$kyzo_KoGw90Mfl7+0h zN(ijLe(ak$TV-ycPl07&-SbF1<;7p=5sO)K;}wqwtk#H?uxv^hG>9IhsQxnBJ4DNE z+eUt1@96OTVr4SMqx~~>jfKe4E*GVZXrFh5Y*jNxF5VPO5=&`&no9CjB@0~~ck(>- z_wF55CUR8~dq}5A&tJfJpHv31z|mChZtK(rQG1M7@+d$JER8bAg53qr>%^sS z+N;AV%F^-|rB<@!@kfS_*vN`6>JD@lA8zLWQhsuEA;^6x#=rxCn!l&9aSaEZk zud)Mtm7*{?F^mbIMJ#jY%uXrz;Kkj(0xRGEAOLL!!87hM^s~QwKWw%B`t5a&jQ+oB zdhUr_)E`klnftnD% ze`FwM0yNb%bkQ0bXmu?Yb$vrkZ9{E+Rdsbkb#=A5fBz=_DbhTyvlU>~at*P~& zvN%=6#>Qeo{{?XdC+J^IR%}r!hxouhVwaHU@H2*n77_l@|2ku6c#;E+0yN6^+SUFK z=0B+o4Y7ft!66htOG7setUpStorage(); + $this->copyMedia(); + + $imageResizer = new ImageResizer( + URL::to(MediaLibrary::url('october space.png')), + 100, + 100 + ); + + $this->assertStringContainsString('october%20space', $imageResizer->getResizedUrl(), 'Resized URLs are not properly URL encoded'); + } + protected function setUpStorage() { $this->app->useStoragePath(base_path('storage/temp'));