diff --git a/mod/proxy.php b/mod/proxy.php index 612dc910a0..09a80f3284 100644 --- a/mod/proxy.php +++ b/mod/proxy.php @@ -281,14 +281,14 @@ function proxy_url($url, $writemode = false, $size = '') { $longpath .= '/' . strtr(base64_encode($url), '+/', '-_'); - // Checking for valid extensions. Only add them if they are safe - $pos = strrpos($url, '.'); - if ($pos) { - $extension = strtolower(substr($url, $pos + 1)); - $pos = strpos($extension, '?'); - if ($pos) { - $extension = substr($extension, 0, $pos); - } + // Extract the URL extension, disregarding GET parameters starting with ? + $question_mark_pos = strpos($url, '?'); + if ($question_mark_pos === false) { + $question_mark_pos = strlen($url); + } + $dot_pos = strrpos($url, '.', $question_mark_pos - strlen($url)); + if ($dot_pos !== false) { + $extension = strtolower(substr($url, $dot_pos + 1, $question_mark_pos - ($dot_pos + 1))); } $extensions = array('jpg', 'jpeg', 'gif', 'png');