
Upright option for images should have better validation
Open, Medium, Public


The "upright" option for images only uses PHP's is_numeric() function for parameter validation. This allows for some rather silly values to be used, which get passed directly to the thumbnail generator.

Take, for example, the following image links (tested on en-wiki):
[[File:As we see 'em (334).jpg|frameless|upright -1]] (thumbnail generator throws an error, which gets displayed to the user)
[[File:Check mark.svg|frameless|upright 1e2]] (happily tries to generate a very large check mark, since vector images have no size limit, though it eventually times out, or runs out of memory, and displays a broken image icon instead)
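
Added example (not part of the task description and not MediaWiki's own code): a stricter check for the upright factor, shown beside is_numeric() on the two values from the task. The function name validateUprightFactor and the bounds UPRIGHT_MIN and UPRIGHT_MAX are assumptions for illustration; the task does not specify limits.

```php
<?php
declare(strict_types=1);

// Assumed bounds for illustration only; the task does not specify limits.
const UPRIGHT_MIN = 0.0;   // exclusive lower bound
const UPRIGHT_MAX = 10.0;  // inclusive upper bound, hypothetical cap

/**
 * Hypothetical stricter validator: returns the factor as a float,
 * or null when the value should be rejected before it reaches
 * the thumbnail generator.
 */
function validateUprightFactor(string $raw): ?float {
    $raw = trim($raw);
    // Plain decimal notation only: no sign and no exponent,
    // so "-1" and "1e2" are rejected here although is_numeric() accepts them.
    if (!preg_match('/^(?:\d+(?:\.\d*)?|\.\d+)$/', $raw)) {
        return null;
    }
    $factor = (float)$raw;
    // Range check: rejects zero, overly large factors, and overflow to INF.
    if (!is_finite($factor) || $factor <= UPRIGHT_MIN || $factor > UPRIGHT_MAX) {
        return null;
    }
    return $factor;
}

// Constructed sample inputs, including the two values from the task.
$samples = ['0.75', '1.5', '-1', '1e2', '0', '1000', 'abc'];
foreach ($samples as $s) {
    $loose  = is_numeric($s) ? 'accept' : 'reject';
    $strict = validateUprightFactor($s) !== null ? 'accept' : 'reject';
    printf("%-6s is_numeric: %-6s strict: %s\n", $s, $loose, $strict);
}
```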

Event Timeline

Jonesey95 subscribed.

A check for values of this kind could probably be added as a Linter "bogus file option".

Arlolra triaged this task as Medium priority. Aug 21 2023, 9:53 PM
Arlolra moved this task from Backlog to Parsoid on the MediaWiki-extensions-Linter board.