X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/f7bdc2385d3ec8060f00d5ceb3b45f3cc4760e38..f282512da75d19e38933f3083afa3c2a9dad463c:/IkiWiki/Plugin/img.pm?ds=inline diff --git a/IkiWiki/Plugin/img.pm b/IkiWiki/Plugin/img.pm index c5b86bad8..ed2e9354d 100644 --- a/IkiWiki/Plugin/img.pm +++ b/IkiWiki/Plugin/img.pm @@ -5,124 +5,297 @@ package IkiWiki::Plugin::img; use warnings; use strict; -use IkiWiki 2.00; +use IkiWiki 3.00; my %imgdefaults; -sub import { #{{{ +sub import { + hook(type => "getsetup", id => "img", call => \&getsetup); hook(type => "preprocess", id => "img", call => \&preprocess, scan => 1); -} #}}} +} -sub preprocess (@) { #{{{ +sub getsetup () { + return + plugin => { + safe => 1, + rebuild => undef, + section => "widget", + }, + img_allowed_formats => { + type => "string", + default => [qw(jpeg png gif)], + description => "Image formats to process (jpeg, png, gif, pdf, svg or 'everything' to accept all)", + # ImageMagick has had arbitrary code execution flaws, + # and the whole delegates mechanism is scary from + # that perspective + safe => 0, + rebuild => 0, + }, +} + +sub allowed { + my $format = shift; + my $allowed = $config{img_allowed_formats}; + $allowed = ['jpeg', 'png'] unless defined $allowed && @$allowed; + + foreach my $a (@$allowed) { + return 1 if $a eq $format || $a eq 'everything'; + } + + return 0; +} + +sub preprocess (@) { my ($image) = $_[0] =~ /$config{wiki_file_regexp}/; # untaint my %params=@_; - if (! exists $imgdefaults{$params{page}}) { - $imgdefaults{$params{page}} = {}; + if (! defined $image) { + error("bad image filename"); + } + + if (exists $imgdefaults{$params{page}}) { + foreach my $key (keys %{$imgdefaults{$params{page}}}) { + if (! exists $params{$key}) { + $params{$key}=$imgdefaults{$params{page}}->{$key}; + } + } + } + + if (! exists $params{size} || ! length $params{size}) { + $params{size}='full'; } - my $size = $params{size} || $imgdefaults{$params{page}}->{size} || 'full'; - my $alt = $params{alt} || $imgdefaults{$params{page}}->{alt} || ''; if ($image eq 'defaults') { - $imgdefaults{$params{page}} = { - size => $size, - alt => $alt, - }; + $imgdefaults{$params{page}} = \%params; return ''; } - push @{$links{$params{page}}}, $image; + add_link($params{page}, $image); + add_depends($params{page}, $image); + # optimisation: detect scan mode, and avoid generating the image if (! defined wantarray) { return; } my $file = bestlink($params{page}, $image); + my $srcfile = srcfile($file, 1); + if (! length $file || ! defined $srcfile) { + return htmllink($params{page}, $params{destpage}, $image); + } - my $dir = $params{destpage}; + my $dir = $params{page}; my $base = IkiWiki::basename($file); + my $extension; + my $format; + + if ($base =~ m/\.([a-z0-9]+)$/) { + $extension = $1; + } + else { + error gettext("Unable to detect image type from extension"); + } + + # Never interpret well-known file extensions as any other format, + # in case the wiki configuration unwisely allows attaching + # arbitrary files named *.jpg, etc. + my $magic; + my $offset = 0; + open(my $in, '<', $srcfile) or error sprintf(gettext("failed to read %s: %s"), $file, $!); + binmode($in); + + if ($extension =~ m/^(jpeg|jpg)$/is) { + $format = 'jpeg'; + $magic = "\377\330\377"; + } + elsif ($extension =~ m/^(png)$/is) { + $format = 'png'; + $magic = "\211PNG\r\n\032\n"; + } + elsif ($extension =~ m/^(gif)$/is) { + $format = 'gif'; + $magic = "GIF8"; + } + elsif ($extension =~ m/^(svg)$/is) { + $format = 'svg'; + } + elsif ($extension =~ m/^(pdf)$/is) { + $format = 'pdf'; + $magic = "%PDF-"; + } + else { + # allow ImageMagick to auto-detect (potentially dangerous) + $format = ''; + } + + error sprintf(gettext("%s image processing disabled in img_allowed_formats configuration"), $format ? $format : "\"$extension\"") unless allowed($format ? $format : "everything"); + + # Try harder to protect ImageMagick from itself + if ($format eq 'svg') { + my $content; + read($in, $content, 5) or error sprintf(gettext("failed to read %s: %s"), $file, $!); + # This is an over-simplification, but ?xml is the check that + # ImageMagick uses. We also accept new; + error gettext("Image::Magick is not installed") if $@; + my $im = Image::Magick->new(); my $imglink; - my $r; + my $imgdatalink; + my $r = $im->Read("$format:$srcfile\[$pagenumber]"); + error sprintf(gettext("failed to read %s: %s"), $file, $r) if $r; - if ($size ne 'full') { - my ($w, $h) = ($size =~ /^(\d+)x(\d+)$/); - return "[[img ".sprintf(gettext('bad size "%s"'), $size)."]]" - unless (defined $w && defined $h); + if (! defined $im->Get("width") || ! defined $im->Get("height")) { + error sprintf(gettext("failed to get dimensions of %s"), $file); + } + + my ($dwidth, $dheight); - my $outfile = "$config{destdir}/$dir/${w}x${h}-$base"; - $imglink = "$dir/${w}x${h}-$base"; - - will_render($params{destpage}, $imglink); + if ($params{size} eq 'full') { + $dwidth = $im->Get("width"); + $dheight = $im->Get("height"); + } else { + my ($w, $h) = ($params{size} =~ /^(\d*)x(\d*)$/); + error sprintf(gettext('wrong size format "%s" (should be WxH)'), $params{size}) + unless (defined $w && defined $h && + (length $w || length $h)); - if (-e $outfile && (-M srcfile($file) >= -M $outfile)) { + if ($im->Get("width") == 0 || $im->Get("height") == 0) { + ($dwidth, $dheight)=(0, 0); + } elsif (! length $w || (length $h && $im->Get("height")*$w > $h * $im->Get("width"))) { + # using height because only height is given or ... + # because original image is more portrait than $w/$h + # ... slimness of $im > $h/w + # ... $im->Get("height")/$im->Get("width") > $h/$w + # ... $im->Get("height")*$w > $h * $im->Get("width") + + $dheight=$h; + $dwidth=$h / $im->Get("height") * $im->Get("width"); + } else { # (! length $h) or $w is what determines the resized size + $dwidth=$w; + $dheight=$w / $im->Get("width") * $im->Get("height"); + } + } + + if ($dwidth < $im->Get("width") || $ispdf) { + # resize down, or resize to pixels at all + + my $outfile = "$config{destdir}/$dir/$params{size}-$base"; + $imglink = "$dir/$params{size}-$base"; + + will_render($params{page}, $imglink); + + if (-e $outfile && (-M $srcfile >= -M $outfile)) { + $im = Image::Magick->new; $r = $im->Read($outfile); - return "[[img ".sprintf(gettext("failed to read %s: %s"), $outfile, $r)."]]" if $r; + error sprintf(gettext("failed to read %s: %s"), $outfile, $r) if $r; } else { - $r = $im->Read(srcfile($file)); - return "[[img ".sprintf(gettext("failed to read %s: %s"), $file, $r)."]]" if $r; - - $r = $im->Resize(geometry => "${w}x${h}"); - return "[[img ".sprintf(gettext("failed to resize: %s"), $r)."]]" if $r; + $r = $im->Resize(geometry => "${dwidth}x${dheight}"); + error sprintf(gettext("failed to resize: %s"), $r) if $r; - # don't actually write file in preview mode + $im->set(($issvg || $ispdf) ? (magick => 'png') : ()); + my @blob = $im->ImageToBlob(); + # don't actually write resized file in preview mode; + # rely on width and height settings if (! $params{preview}) { - my @blob = $im->ImageToBlob(); writefile($imglink, $config{destdir}, $blob[0], 1); } else { - $imglink = $file; + eval q{use MIME::Base64}; + error($@) if $@; + $imgdatalink = "data:image/".$im->Get("magick").";base64,".encode_base64($blob[0]); } } - } - else { - $r = $im->Read(srcfile($file)); - return "[[img ".sprintf(gettext("failed to read %s: %s"), $file, $r)."]]" if $r; + + # always get the true size of the resized image (it could be + # that imagemagick did its calculations differently) + $dwidth = $im->Get("width"); + $dheight = $im->Get("height"); + } else { $imglink = $file; } - - add_depends($imglink, $params{page}); + + if (! defined($dwidth) || ! defined($dheight)) { + error sprintf(gettext("failed to determine size of image %s"), $file) + } my ($fileurl, $imgurl); - if (! $params{preview}) { - $fileurl=urlto($file, $params{destpage}); - $imgurl=urlto($imglink, $params{destpage}); - } - else { - $fileurl="$config{url}/$file"; - $imgurl="$config{url}/$imglink"; - } + my $urltobase = $params{preview} ? undef : $params{destpage}; + $fileurl=urlto($file, $urltobase); + $imgurl=$imgdatalink ? $imgdatalink : urlto($imglink, $urltobase); - if (! defined($im->Get("width")) || ! defined($im->Get("height"))) { - return "[[img ".sprintf(gettext("failed to determine size of image %s"), $file)."]]"; + if (! exists $params{class}) { + $params{class}="img"; } + my $attrs=''; + foreach my $attr (qw{alt title class id hspace vspace}) { + if (exists $params{$attr}) { + $attrs.=" $attr=\"$params{$attr}\""; + } + } + my $imgtag=''.$alt.''; - if (! defined $params{link} || lc($params{link}) eq 'yes') { - return ''.$imgtag.''; + my $link; + if (! defined $params{link}) { + $link=$fileurl; } elsif ($params{link} =~ /^\w+:\/\//) { - return ''.$imgtag.''; + $link=$params{link}; + } + + if (defined $link) { + $imgtag=''.$imgtag.''; } - elsif (length bestlink($params{page}, $params{link})) { - add_depends($params{page}, $params{link}); - return htmllink($params{page}, $params{destpage}, - $params{link}, linktext => $imgtag, - noimageinline => 1); + else { + my $b = bestlink($params{page}, $params{link}); + + if (length $b) { + add_depends($params{page}, $b, deptype("presence")); + $imgtag=htmllink($params{page}, $params{destpage}, + $params{link}, linktext => $imgtag, + noimageinline => 1, + ); + } + } + + if (exists $params{caption}) { + return ''. + ''. + ''. + '
'.$params{caption}.'
'.$imgtag.'
'; } else { return $imgtag; } -} #}}} +} 1