diff --git a/lib/css_js_min/minify/minify.cls.php b/lib/css_js_min/minify/minify.cls.php index 2137bf194..383e0ea2f 100644 --- a/lib/css_js_min/minify/minify.cls.php +++ b/lib/css_js_min/minify/minify.cls.php @@ -457,6 +457,43 @@ protected function restoreExtractedData($content) return $content; } + /** + * Check if the input is a file path. + * + * @param string $path + * + * @return bool + */ + protected function detectUrlType(string $input) { + // Is CSS + if (strpos($input, '{') !== false && strpos($input, '}') !== false && strpos($input, ';') !== false) { + return false; + } + + // Is JS + if (strpos($input, 'function') !== false || + strpos($input, 'var ') !== false || + strpos($input, 'let ') !== false || + strpos($input, 'const ') !== false || + strpos($input, '=>') !== false || + strpos($input, ';') !== false || + strpos($input, '(') !== false && strpos($input, ')') !== false || + strpos($input, '{') !== false && strpos($input, '}') !== false) { + return false; + } + + // Is file path + if (preg_match('/^(https?:\/\/|www\.|[a-z0-9]+\.[a-z]+)/i', $input) || + strpos($input, '/') === 0 || + strpos($input, './') === 0 || + strpos($input, '../') === 0 || + strpos($input, 'data:') === 0) { + return true; + } + + return false; + } + /** * Check if the path is a regular file and can be read. * @@ -466,6 +503,16 @@ protected function restoreExtractedData($content) */ protected function canImportFile($path) { + // Not file if path is empty + if(empty($path)){ + return false; + } + + // Not file? Return false + if (!$this->detectUrlType($path)) { + return false; + } + $parsed = parse_url($path); if ( // file is elsewhere diff --git a/lib/css_js_min/pathconverter/converter.cls.php b/lib/css_js_min/pathconverter/converter.cls.php index 7cf95094b..b7a89932e 100644 --- a/lib/css_js_min/pathconverter/converter.cls.php +++ b/lib/css_js_min/pathconverter/converter.cls.php @@ -48,25 +48,27 @@ class Converter implements ConverterInterface */ public function __construct($from, $to, $root = '') { - $shared = $this->shared($from, $to); - if ($shared === '') { - // when both paths have nothing in common, one of them is probably - // absolute while the other is relative - $root = $root ?: getcwd(); - $from = strpos($from, $root) === 0 ? $from : preg_replace('/\/+/', '/', $root.'/'.$from); - $to = strpos($to, $root) === 0 ? $to : preg_replace('/\/+/', '/', $root.'/'.$to); - - // or traveling the tree via `..` - // attempt to resolve path, or assume it's fine if it doesn't exist - $from = @realpath($from) ?: $from; - $to = @realpath($to) ?: $to; - } + if(!empty($from)){ + $shared = $this->shared($from, $to); + if ($shared === '') { + // when both paths have nothing in common, one of them is probably + // absolute while the other is relative + $root = $root ?: getcwd(); + $from = strpos($from, $root) === 0 ? $from : preg_replace('/\/+/', '/', $root.'/'.$from); + $to = strpos($to, $root) === 0 ? $to : preg_replace('/\/+/', '/', $root.'/'.$to); + + // or traveling the tree via `..` + // attempt to resolve path, or assume it's fine if it doesn't exist + $from = @realpath($from) ?: $from; + $to = @realpath($to) ?: $to; + } - $from = $this->dirname($from); - $to = $this->dirname($to); + $from = $this->dirname($from); + $to = $this->dirname($to); - $from = $this->normalize($from); - $to = $this->normalize($to); + $from = $this->normalize($from); + $to = $this->normalize($to); + } $this->from = $from; $this->to = $to; @@ -191,6 +193,10 @@ public function convert($path) */ protected function dirname($path) { + if(empty($path)){ + return $path; + } + if (@is_file($path)) { return dirname($path); }