[MediaWiki-commits] [Gerrit] Avoid exposure of local path in PNG thumbnails - change (mediawiki/core)

Chad (Code Review) Fri, 16 Oct 2015 11:20:47 -0700

Chad has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/246881


Change subject: Avoid exposure of local path in PNG thumbnails
......................................................................

Avoid exposure of local path in PNG thumbnails

Bug: T108616
Change-Id: I952068d2d175d71f86dec0dbb92af5a122c05a49
---
M includes/media/Bitmap.php
1 file changed, 2 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core 
refs/changes/81/246881/1

diff --git a/includes/media/Bitmap.php b/includes/media/Bitmap.php
index 607c4e5..d7b1f9a 100644
--- a/includes/media/Bitmap.php
+++ b/includes/media/Bitmap.php
@@ -373,6 +373,8 @@
                        ( $params['comment'] !== ''
                                ? array( '-set', 'comment', 
$this->escapeMagickProperty( $params['comment'] ) )
                                : array() ),
+                       // T108616: Avoid exposure of local file path
+                       array( '+set', 'Thumb::URI'),
                        array( '-depth', 8 ),
                        $sharpen,
                        array( '-rotate', "-$rotation" ),

-- 
To view, visit https://gerrit.wikimedia.org/r/246881
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I952068d2d175d71f86dec0dbb92af5a122c05a49
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: REL1_23
Gerrit-Owner: Chad <[email protected]>
Gerrit-Reviewer: Dpatrick <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] Avoid exposure of local path in PNG thumbnails - change (mediawiki/core)

Reply via email to