Fixed issue where URL params in image names would cause loading failure

Updated file name handling to route through str:slug to be cleaned up a little. Added testing to cover. Fixes #2161
2025-07-30 04:23:11 +03:00 · 2020-07-25 11:18:40 +01:00
parent 03211ebea6
commit 8213ea9a71
3 changed files with 57 additions and 16 deletions
--- a/tests/Uploads/ImageTest.php
+++ b/tests/Uploads/ImageTest.php
@ -182,6 +182,38 @@ class ImageTest extends TestCase
        $this->assertFalse(file_exists(public_path($relPath)), 'Uploaded double extension file was uploaded but should have been stopped');
    }

+    public function test_url_entities_removed_from_filenames()
+    {
+        $this->asEditor();
+        $badNames = [
+            "bad-char-#-image.png",
+            "bad-char-?-image.png",
+            "?#.png",
+            "?.png",
+            "#.png",
+        ];
+        foreach ($badNames as $name) {
+            $galleryFile = $this->getTestImage($name);
+            $page = Page::first();
+            $badPath = $this->getTestImagePath('gallery', $name);
+            $this->deleteImage($badPath);
+
+            $upload = $this->call('POST', '/images/gallery', ['uploaded_to' => $page->id], [], ['file' => $galleryFile], []);
+            $upload->assertStatus(200);
+
+            $lastImage = Image::query()->latest('id')->first();
+            $newFileName = explode('.', basename($lastImage->path))[0];
+
+            $this->assertEquals($lastImage->name, $name);
+            $this->assertFalse(strpos($lastImage->path, $name), 'Path contains original image name');
+            $this->assertFalse(file_exists(public_path($badPath)), 'Uploaded image file name was not stripped of url entities');
+
+            $this->assertTrue(strlen($newFileName) > 0, 'File name was reduced to nothing');
+
+            $this->deleteImage($lastImage->path);
+        }
+    }
+
    public function test_secure_images_uploads_to_correct_place()
    {
        config()->set('filesystems.images', 'local_secure');
--- a/tests/Uploads/UsesImages.php
+++ b/tests/Uploads/UsesImages.php
@ -39,11 +39,8 @@ trait UsesImages

    /**
     * Get the path for a test image.
-     * @param $type
-     * @param $fileName
-     * @return string
     */
-    protected function getTestImagePath($type, $fileName)
+    protected function getTestImagePath(string $type, string $fileName): string
    {
        return '/uploads/images/' . $type . '/' . Date('Y-m') . '/' . $fileName;
    }