Fallback image file path functionality is a security risk

Created on 20 March 2023, over 1 year ago

Problem/Motivation

The ability to specify a default image file path - the fourth argument of media_image, the second of media_image_url - lets a user copy files into the public files directory, which is definitely not a secure operation in the context of Twig.

Proposed resolution

Trying to lock down/filter safe paths vs non-safe would be difficult and seems likely to still have edge cases, at least for some site configurations. The secure way forward is unfortunately going to be to remove this functionality.

Remaining tasks

Implement the removal of this functionality.

API changes

The media_image and media_image_url twig filters and associated public MediaHelper methods will lose their final argument for a default image path.
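To make the problem and the resolution concrete, here is an added illustration in plain PHP (not the module's own code; the function names, the `PUBLIC_DIR` constant and the array-based media stub are hypothetical stand-ins for the real helper, Drupal's `public://` wrapper and a media entity). It shows the risky shape of a fallback-path argument next to the shape the API change leaves behind.

```php
<?php
// Added example, not the module's code. Names below are hypothetical.

// Constructed stand-in for Drupal's public files directory (served by the web server).
const PUBLIC_DIR = '/var/www/html/sites/default/files';

/** Constructed stub: the image path stored on a media entity, or null if none. */
function media_image_source(array $media): ?string {
    return $media['image'] ?? null;
}

/**
 * BEFORE (the shape the issue reports): the fallback path is supplied by the
 * Twig template. When the media entity has no image, the helper copies the
 * named file into the web-served public directory and returns its URL, so a
 * template author can expose any file the web process can read.
 */
function media_image_url_before(array $media, ?string $default_path = null): ?string {
    $source = media_image_source($media);
    if ($source === null && $default_path !== null && is_file($default_path)) {
        $target = PUBLIC_DIR . '/' . basename($default_path);
        copy($default_path, $target);   // writes a template-chosen file into public files
        return '/sites/default/files/' . rawurlencode(basename($default_path));
    }
    return $source;
}

/**
 * AFTER (what the API change leaves): the path argument no longer exists.
 * There is nothing to allow-list or filter, and the helper never touches the
 * filesystem; a media entity without an image simply yields no URL.
 */
function media_image_url_after(array $media): ?string {
    return media_image_source($media);
}
```

The point of the second function is that removing the argument sidesteps the path-filtering edge cases the proposed resolution mentions, rather than trying to enumerate them.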

πŸ› Bug report
Status

Fixed

Version

1.0

Component

Code

Created by

🇺🇸 United States bvoynick
