- /* replace '//' or '/./' or '/foo/../' with '/' */
- $re = array('#(/\.?/)#', '#/(?!\.\.)[^/]+/\.\./#');
- for ($n = 1; $n > 0; $abs = preg_replace($re, '/', $abs, -1, $n)) {
+ if ($absolute = \SimplePie_IRI::absolutize($base, $url)) {
+ return $absolute->get_uri();
+ }
+
+ $this->logger->error('DownloadImages: Can not make an absolute link', ['base' => $base, 'url' => $url]);
+
+ return false;
+ }
+
+ /**
+ * Retrieve and validate the extension from the response of the url of the image.
+ *
+ * @param Response $res Guzzle Response
+ * @param string $imagePath Path from the src image from the content (used for log only)
+ *
+ * @return string|false Extension name or false if validation failed
+ */
+ private function getExtensionFromResponse(Response $res, $imagePath)
+ {
+ $ext = $this->mimeGuesser->guess($res->getHeader('content-type'));
+ $this->logger->debug('DownloadImages: Checking extension', ['ext' => $ext, 'header' => $res->getHeader('content-type')]);
+
+ // ok header doesn't have the extension, try a different way
+ if (empty($ext)) {
+ $types = [
+ 'jpeg' => "\xFF\xD8\xFF",
+ 'gif' => 'GIF',
+ 'png' => "\x89\x50\x4e\x47\x0d\x0a",
+ ];
+ $bytes = substr((string) $res->getBody(), 0, 8);
+
+ foreach ($types as $type => $header) {
+ if (0 === strpos($bytes, $header)) {
+ $ext = $type;
+ break;
+ }
+ }
+
+ $this->logger->debug('DownloadImages: Checking extension (alternative)', ['ext' => $ext]);
+ }
+
+ if (!in_array($ext, ['jpeg', 'jpg', 'gif', 'png'], true)) {
+ $this->logger->error('DownloadImages: Processed image with not allowed extension. Skipping: ' . $imagePath);
+
+ return false;