Merge pull request #69

AlfredoRamos · Sep 10, 2020 · 74df354 · 74df354
2 parents 19b056e + e28f627
commit 74df354
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 17 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -1,7 +1,7 @@
 language: php
 dist: xenial
 
-matrix:
+jobs:
   include:
     - php: 7.1
       env: DB=none;NOTESTS=1

diff --git a/event/listener.php b/event/listener.php
@@ -70,7 +70,7 @@ public function viewforum($event)
 	{
 		// Meta data helper
 		$data = [
-			'description' => $this->helper->clean_description($event['forum_data']['forum_desc']),
+			'description' => $event['forum_data']['forum_desc'],
 			'image' => $this->helper->forum_image(
 				$event['forum_data']['forum_image'],
 				$event['forum_data']['forum_id']
@@ -121,10 +121,6 @@ public function viewtopic($event)
 			$event['topic_data']['forum_id']
 		);
 
-		// Clean helpers
-		$data['description'] = $this->helper->clean_description($data['description']);
-		$data['image']['url'] = $this->helper->clean_image($data['image']['url']);
-
 		$this->helper->set_metadata($data);
 	}
 }
diff --git a/includes/helper.php b/includes/helper.php
@@ -219,6 +219,7 @@ public function set_metadata($data = [])
 				break;
 
 				case 'description':
+					$value = $this->clean_description($value);
 					$this->metadata['meta_description']['description'] = $value;
 					$this->metadata['open_graph']['og:description'] = $value;
 					$this->metadata['twitter_cards']['twitter:description'] = $value;
@@ -228,6 +229,7 @@ public function set_metadata($data = [])
 				case 'image':
 					if (isset($value['url']))
 					{
+						$value['url'] = $this->clean_image($value['url']);
 						$this->metadata['open_graph']['og:image'] = $value['url'];
 						$this->metadata['twitter_cards']['twitter:image'] = $value['url'];
 						$this->metadata['json_ld']['image'] = $value['url'];
@@ -242,7 +244,6 @@ public function set_metadata($data = [])
 					{
 						$value['width'] = (int) $value['width'];
 						$value['height'] = (int) $value['height'];
-
 						$this->metadata['open_graph']['og:image:width'] = $value['width'];
 						$this->metadata['open_graph']['og:image:height'] = $value['height'];
 						$this->metadata['twitter_cards']['twitter:card'] = $this->is_wide_image(
@@ -568,16 +569,7 @@ public function clean_image($uri = '', $images_dir = true)
 		// Image must exist inside the phpBB's images path
 		$base_path = $this->filesystem->realpath($this->root_path . $dir);
 
-		// \phpbb\filesystem\filesystem::resolve_path() throws warnings when called from
-		// \phpbb\filesystem\filesystem::realpath() and open_basedir is set.
-		//
-		// It passes directories not allowed (like the web server root directory) as parameter
-		// to is_link(), is_dir() and is_file()
-		//
-		// https://tracker.phpbb.com/browse/PHPBB3-15643
-		// https://github.com/phpbb/phpbb/pull/5673
-		//
-		//$image_path = $this->filesystem->realpath($base_path . '/' . $uri);
+		// Canonicalized absolute path
 		$image_path = $this->filesystem->clean_path($base_path . '/' . $uri);
 
 		// Avoid path traversal attack