Fallback image file path functionality is a security risk

Created on 20 March 2023, almost 2 years ago

Problem/Motivation

The ability to specify a default file image path - fourth argument for media_image, second for media_image_url - allows for a user to copy files in to the public files directory, which is definitely not a secure operation in the context of Twig.

Proposed resolution

Trying to lock down/filter safe paths vs non-safe would be difficult and seems likely to still have edge cases, at least for some site configurations. The secure way forward is unfortunately going to be to remove this functionality.

Remaining tasks

Implement the removal of this functionality.

API changes

The media_image and media_image_url twig filters and associated public MediaHelper methods will lose their final argument for a default image path.

πŸ› Bug report
Status

Fixed

Version

1.0

Component

Code

Created by

πŸ‡ΊπŸ‡ΈUnited States bvoynick

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Production build 0.71.5 2024