webapp/bookstack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-07-28 17:02:04 +03:00
Code Activity

Added untrusted server fetching control

Browse Source 
WKHTMLtoPDF provides limited control for external fetching
so that will now be disabled by default unless
ALLOW_UNTRUSTED_SERVER_FETCHING=true is specifically set.
This new option will also control DOMPDF fetching.
This commit is contained in:
Dan Brown
2021-08-31 20:22:42 +01:00
parent 8f12c8bc99
commit bee5e2c7ca
7 changed files with 52 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
tests/Unit/ConfigTest.php
View File

@ -76,6 +76,12 @@ class ConfigTest extends TestCase
);
}
public function test_dompdf_remote_fetching_controlled_by_allow_untrusted_server_fetching_false()
{
$this->checkEnvConfigResult('ALLOW_UNTRUSTED_SERVER_FETCHING', 'false', 'dompdf.defines.enable_remote', false);
$this->checkEnvConfigResult('ALLOW_UNTRUSTED_SERVER_FETCHING', 'true', 'dompdf.defines.enable_remote', true);
}
/**
* Set an environment variable of the given name and value
* then check the given config key to see if it matches the given result.