N°1921 Process InlineImage from another iTop as external images

* Notifications : do not embed InlineImage with wrong secret * HtmlSanitizer : remove data-img-* attributes if not the same iTop (using approot from Config) * move \HTMLDOMSanitizer::ProcessImage to \InlineImage::ProcessImageTag * data-img-* attributes name are now InlineImage class constants
2026-04-23 18:48:51 +02:00 · 2019-01-30 09:44:38 +01:00
parent 31a2b634cc
commit 0aab80917a
3 changed files with 58 additions and 24 deletions
--- a/core/htmlsanitizer.class.inc.php
+++ b/core/htmlsanitizer.class.inc.php
@@ -346,7 +346,7 @@ class HTMLDOMSanitizer extends HTMLSanitizer
 					$this->CleanNode($oNode);
 					if (($oNode instanceof DOMElement) && (strtolower($oNode->tagName) == 'img'))
 					{
-						$this->ProcessImage($oNode);
+						InlineImage::ProcessImageTag($oNode);
 					}
 				}
 			}
@@ -357,24 +357,7 @@ class HTMLDOMSanitizer extends HTMLSanitizer
 			}
 		}
 	}
-	
-	/**
-	 * Add an extra attribute data-img-id for images which are based on an actual InlineImage
-	 * so that we can later reconstruct the full "src" URL when needed
-	 * @param DOMNode $oElement
-	 */
-	protected function ProcessImage(DOMNode $oElement)
-	{
-		$sSrc = $oElement->getAttribute('src');
-		$sDownloadUrl = str_replace(array('.', '?'), array('\.', '\?'), INLINEIMAGE_DOWNLOAD_URL); // Escape . and ?
-		$sUrlPattern = '|'.$sDownloadUrl.'([0-9]+)&s=([0-9a-f]+)|';
-		if (preg_match($sUrlPattern, $sSrc, $aMatches))
-		{
-			$oElement->setAttribute('data-img-id', $aMatches[1]);
-			$oElement->setAttribute('data-img-secret', $aMatches[2]);
-		}
-	}
-	
+
 	protected function CleanStyle($sStyle)
 	{
 		$aAllowedStyles = array();