Skip to content

Commit

Permalink
do not allow file urls
Browse files Browse the repository at this point in the history
  • Loading branch information
@freekmurze
freekmurze committed Oct 25, 2022
1 parent c2a8888 commit 92cf16f
Show file tree
Hide file tree
Showing 5 changed files with 48 additions and 0 deletions.
5 changes: 5 additions & 0 deletions src/Browsershot.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@

use Spatie\Browsershot\Exceptions\CouldNotTakeBrowsershot;
use Spatie\Browsershot\Exceptions\ElementNotFound;
use Spatie\Browsershot\Exceptions\FileUrlNotAllowed;
use Spatie\Browsershot\Exceptions\UnsuccessfulResponse;
use Spatie\Image\Image;
use Spatie\Image\Manipulations;
Expand Down Expand Up @@ -235,6 +236,10 @@ public function waitForFunction(string $function, $polling = self::POLLING_REQUE

public function setUrl(string $url)
{
if (Helpers::stringStartsWith(strtolower($url), 'file://')) {
throw FileUrlNotAllowed::make();
}

$this->url = $url;
$this->html = '';

Expand Down
13 changes: 13 additions & 0 deletions src/Exceptions/FileUrlNotAllowed.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
<?php

namespace Spatie\Browsershot\Exceptions;

use Exception;

class FileUrlNotAllowed extends Exception
{
public static function make()
{
return new static("An URL is not allow to start with file://");
}
}
13 changes: 13 additions & 0 deletions src/Helpers.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
<?php

namespace Spatie\Browsershot;

class Helpers
{
public static function stringStartsWith($haystack, $needle): bool
{
$length = strlen($needle);

return substr( $haystack, 0, $length ) === $needle;
}
}
5 changes: 5 additions & 0 deletions tests/BrowsershotTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
use Spatie\Browsershot\Browsershot;
use Spatie\Browsershot\Exceptions\CouldNotTakeBrowsershot;
use Spatie\Browsershot\Exceptions\ElementNotFound;
use Spatie\Browsershot\Exceptions\FileUrlNotAllowed;
use Spatie\Browsershot\Exceptions\UnsuccessfulResponse;
use Spatie\Image\Manipulations;
use Symfony\Component\Process\Exception\ProcessFailedException;
Expand Down Expand Up @@ -38,6 +39,10 @@
);
});

it('will not allow a file url', function () {
Browsershot::url('file://test');
})->throws(FileUrlNotAllowed::class);

it('can take a screenshot', function () {
$targetPath = __DIR__.'/temp/testScreenshot.png';

Expand Down
12 changes: 12 additions & 0 deletions tests/HelpersTest.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
<?php

use Spatie\Browsershot\Helpers;

it('can determine if a string starts with a substring', function(string $haystack, $needle, $expectedResult) {
expect(Helpers::stringStartsWith($haystack, $needle))->toBe($expectedResult);
})->with([
['https://spatie.be', 'https://', true],
['http://spatie.be', 'https://', false],
['file://hey', 'file://', true],
['https://spatie.be', 'file://', false],
]);

0 comments on commit 92cf16f

Please sign in to comment.