Dan Brown
6c91e09c73
Image manager: Redesigned header bar(s)
2023-05-26 14:30:59 +01:00
Dan Brown
0704f1bd0d
Covered untested commands with testing
2023-05-24 10:34:43 +01:00
Dan Brown
141eecb858
Cleaned up namespacing in routes
...
Also moved home controller and moved controllers up a level in http.
2023-05-18 20:57:05 +01:00
Dan Brown
295cd01605
Played around with a new app structure
2023-05-17 17:56:55 +01:00
Dan Brown
3a808fd768
Added phpunit tests to cover image API endpoints
2023-03-14 19:29:08 +00:00
Dan Brown
d9eec6d82c
Started Image API build
2023-03-14 12:19:19 +00:00
Dan Brown
c80396136f
Increased attachment link limit from 192 to 2k
...
Added test to cover.
Did attempt a 64k limit, but values over 2k significantly increase
chance of other issues since this URL may be used in redirect headers.
Would rather catch issues in-app.
For #4044
2023-02-20 13:05:23 +00:00
Dan Brown
f333db8e4f
Added control-upon-access of the default favicon.ico file
2023-02-09 21:16:27 +00:00
Dan Brown
da42fc7457
Added default favicon creation upon access.
2023-02-09 20:57:35 +00:00
Dan Brown
48f1934387
Updated favicon gen to use png-based ICO
...
From testing, worked on Firefox, Chrome, Gnome Web
2023-02-09 17:47:33 +00:00
Dan Brown
2845e0003e
Got favicons better supported, can't get transparency right
...
Digging deeper, I don't think PHPGD supports 32bit bmp output which
complicates matters.
2023-02-09 15:14:41 +00:00
Dan Brown
1a189640f1
Integrated favicon handler with correct files & actions
...
Format does not look 100% correct though, won't show in Firefox/gimp.
2023-02-09 13:24:43 +00:00
Dan Brown
420f89af99
Built custom favicon.ico file creator
...
Followed wikipedia-defined ICO file format info, and used with
Intervention's good bmp support, to create a working proof-of-concept.
2023-02-08 23:06:42 +00:00
Dan Brown
da1a66abd3
Extracted test file handling to its own class
...
Closes #3995
2023-02-08 14:39:13 +00:00
Dan Brown
5e8ec56196
Fixed issues found from tests
2023-02-06 20:41:33 +00:00
Dan Brown
9ca088a4e2
Fixed static analysis issues
2023-02-06 20:00:44 +00:00
Dan Brown
3c658e39ab
Extracted app icon text, fixed issues
...
Tweaked sizes and meta tags based unpon ipad testing.
Fixed reduced sizes not being cleaned up.
2023-01-25 16:11:34 +00:00
Dan Brown
55b6a7842e
Added ability to control app icon (favicon) via settings
2023-01-25 11:03:19 +00:00
Dan Brown
1660e72cc5
Migrated remaining relation permission usages
...
Now all tests are passing.
Some level of manual checks to do.
2023-01-24 19:04:32 +00:00
Dan Brown
d2260b234c
Fixed app logo visibility with secure_restricted images
...
Includes test to cover.
For #3827
2022-11-10 14:15:59 +00:00
Dan Brown
8a749c6acf
Added and ran PHPCS
2022-09-18 01:25:20 +01:00
Dan Brown
7f8b3eff5a
Fixed failing tests due to shelf text changes, applied styleci changes
2022-09-02 14:47:44 +01:00
Dan Brown
c76b5e2ec4
Fixed local_secure_restricted preventing attachment uploads
...
Due to option name change and therefore lack of handling.
Added test case to cover.
2022-09-02 14:40:17 +01:00
Dan Brown
092b6d6378
Added test and handling for local_secure_restricted in exports
2022-09-02 14:21:43 +01:00
Dan Brown
27ac122502
Started work on local_secure_restricted image option
2022-09-01 16:17:14 +01:00
Dan Brown
d4a119b2aa
Fixed disabling of avatar urls, Removed id from gravatar image name
...
Included test to cover avatar url disabling.
Related to #1835
2022-07-26 12:10:19 +01:00
Dan Brown
afe1a04239
Aligned permission applicator method names
...
Also removed lesser used function, that was mostly a duplicate of an
existing function, and only used for search.
2022-07-16 19:54:25 +01:00
Dan Brown
b0a4d3d059
Renamed and cleaned up existing permission service classes use
2022-07-12 20:15:41 +01:00
Dan Brown
abc283fc64
Extracted download response logic to its own class
...
Cleans up base controller and groups up download & streaming logic for
potential future easier addition of range request support.
2022-06-08 23:50:42 +01:00
Dan Brown
2b0ae23da0
Updated composer deps, applied latest StyleCI changes
2022-04-24 18:22:40 +01:00
Dan Brown
cb770c534d
Added streamed uploads for attachments
2022-04-02 18:46:48 +01:00
Dan Brown
82e8b1577e
Updated attachment download responses to stream from filesystem
...
This allows download of attachments that are larger than current memory
limits, since we're not loading the entire file into memory any more.
For inline file responses, we take a 1kb portion of the file to sniff
before to check mime before we proceed.
2022-04-02 18:07:43 +01:00
Dan Brown
b5281bc9ca
Fixed tests, applied StyleCI changes
2022-03-26 20:38:03 +00:00
Dan Brown
55d61fceb2
Added manual image thumbnail exif orientation handling
...
Uses original image data to extract orientation exif to apply image
transformations before scaling and save. Manually done due to issues
with exif data loss during the existing Invervention image path.
For #1854
2022-03-26 12:32:08 +00:00
Dan Brown
1a26b47782
Applied latest styleCI changes
2022-01-06 12:18:11 +00:00
Dan Brown
31f1dca8a8
Added detection and thumbnail bypass for apng images
...
Adds apng sniffing when generating thumbnails with retained ratios to
serve the original image files, as we do for GIF images, to prevent
the image being resized to a static version.
Is more tricky than GIF since apng file mimes and extensions
are the same as png, we have to detect part of the file header
to sniff the type. Means we have to sniff at a later stage
than GIF since we have to load the image file data.
Made some changes to the image thubmnail caching while doing
this work to fit in with this handling.
Added test to cover.
For #3136 .
2022-01-04 13:10:35 +00:00
Dan Brown
024924eef3
Applied another round of static analysis updates
2021-11-22 23:33:55 +00:00
Dan Brown
85154fff69
Added an env configurable file upload size limit
...
Replaces the old suggestion of setting JS head 'window.uploadLimit'
variable. This new env option will be used by back-end validation and
front-end libs/logic too.
Limits already likely exist within prod environments at a PHP and
webserver level but this allows an app-level limit and centralises the
option on the BookStack side into the .env
Closes #3033
2021-11-14 22:03:22 +00:00
Dan Brown
8d7c8ac8bf
Done a round of phpstan fixes
2021-11-06 00:32:01 +00:00
Dan Brown
bc291bee78
Added inital phpstan/larastan setup
2021-11-05 16:18:06 +00:00
Dan Brown
c9c4dbcb5b
Merge branch 'laravel_upgrade'
2021-11-04 22:42:35 +00:00
Dan Brown
a17be959d8
Applied latest styleci changes
2021-11-01 13:26:02 +00:00
Dan Brown
bfbccbede1
Updated attachments to not be saved with a complete extension
...
Intended to limit impact in the event the storage path is potentially
exposed.
2021-11-01 11:32:00 +00:00
Dan Brown
4360da03d4
Ran a pass through image and attachment routes
...
Added some stronger types, formatting changes and simplifications along
the way.
2021-11-01 11:17:30 +00:00
Dan Brown
c7fea8fe08
Cleaned up logic within ImageRepo
...
- Moved out extension check to ImageService as that seems more relevant.
- Updated models to use static-style references instead of facade to align with common modern usage within the app.
- Updated custom image_extension validation rule to use shared logic in image service.
2021-11-01 00:24:42 +00:00
Dan Brown
43830a372f
Updated showImage file serving to not be traversable
...
For #3030
2021-10-31 23:53:17 +00:00
Dan Brown
f139cded78
Laravel 8 shift squash & merge ( #3029 )
...
* Temporarily moved back config path
* Apply Laravel coding style
* Shift exception handler
* Shift HTTP kernel and middleware
* Shift service providers
* Convert options array to fluent methods
* Shift to class based routes
* Shift console routes
* Ignore temporary framework files
* Shift to class based factories
* Namespace seeders
* Shift PSR-4 autoloading
* Shift config files
* Default config files
* Shift Laravel dependencies
* Shift return type of base TestCase methods
* Shift cleanup
* Applied stylci style changes
* Reverted config files location
* Applied manual changes to Laravel 8 shift
Co-authored-by: Shift <shift@laravelshift.com>
2021-10-30 21:29:59 +01:00
Dan Brown
4f55fe2f8e
Made further changes to page image extraction validation
...
Fixes #3019
Increased testing to cover the failing case amoung others.
2021-10-28 15:54:00 +01:00
Dan Brown
f77236aa38
Laravel 7.x Shift ( #3011 )
...
* Apply Laravel coding style
* Shift bindings
* Shift core files
* Shift to Throwable
* Add laravel/ui dependency
* Shift Eloquent methods
* Shift config files
* Shift Laravel dependencies
* Shift cleanup
* Shift test config and references
* Applied styleci changes
* Applied fixes post shift to laravel 7
Co-authored-by: Shift <shift@laravelshift.com>
2021-10-26 22:04:18 +01:00
Haxatron
64937ab826
Update ImageRepo.php
...
fix image validation vulnerability
2021-10-26 09:39:16 +08:00