- $baseUrl = '';
- $https = (!empty($_SERVER['HTTPS'])
- && (strtolower($_SERVER['HTTPS']) == 'on'))
- || (isset($_SERVER['SERVER_PORT'])
- && $_SERVER['SERVER_PORT'] == '443') // HTTPS detection.
- || (isset($_SERVER['SERVER_PORT']) //Custom HTTPS port detection
- && $_SERVER['SERVER_PORT'] == SSL_PORT)
- || (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])
- && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https');
- $serverport = (!isset($_SERVER['SERVER_PORT'])
- || $_SERVER['SERVER_PORT'] == '80'
- || $_SERVER['SERVER_PORT'] == HTTP_PORT
- || ($https && $_SERVER['SERVER_PORT'] == '443')
- || ($https && $_SERVER['SERVER_PORT'] == SSL_PORT) //Custom HTTPS port detection
- ? '' : ':'.$_SERVER['SERVER_PORT']);
-
- if (isset($_SERVER['HTTP_X_FORWARDED_PORT'])) {
- $serverport = ':'.$_SERVER['HTTP_X_FORWARDED_PORT'];
- }
- // $scriptname = str_replace('/index.php', '/', $_SERVER["SCRIPT_NAME"]);
- // if (!isset($_SERVER["HTTP_HOST"])) {
- // return $scriptname;
- // }
- $host = (isset($_SERVER['HTTP_X_FORWARDED_HOST']) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME']));
- if (strpos($host, ':') !== false) {
- $serverport = '';
- }
- // check if BASE_URL is configured
- if (BASE_URL) {
- $baseUrl = BASE_URL;
- } else {
- $baseUrl = 'http'.($https ? 's' : '').'://'.$host.$serverport;
- }
-
- return $baseUrl;
+ $ext = $this->mimeGuesser->guess($res->getHeader('content-type'));
+ $this->logger->debug('DownloadImages: Checking extension', ['ext' => $ext, 'header' => $res->getHeader('content-type')]);
+
+ // ok header doesn't have the extension, try a different way
+ if (empty($ext)) {
+ $types = [
+ 'jpeg' => "\xFF\xD8\xFF",
+ 'gif' => 'GIF',
+ 'png' => "\x89\x50\x4e\x47\x0d\x0a",
+ ];
+ $bytes = substr((string) $res->getBody(), 0, 8);
+
+ foreach ($types as $type => $header) {
+ if (0 === strpos($bytes, $header)) {
+ $ext = $type;
+ break;
+ }
+ }
+
+ $this->logger->debug('DownloadImages: Checking extension (alternative)', ['ext' => $ext]);
+ }
+
+ if (!in_array($ext, ['jpeg', 'jpg', 'gif', 'png'], true)) {
+ $this->logger->error('DownloadImages: Processed image with not allowed extension. Skipping: '.$imagePath);
+
+ return false;
+ }
+
+ return $ext;