Issue #1999384 by bojanz, naveenvalecha: Use Symfony Request for image module.

0ed76f0d · Dries · a72d1f1b · 0ed76f0d · 0ed76f0d
Commit 0ed76f0d authored Jun 20, 2013 by Dries
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 2 deletions

core/modules/image/image.admin.inc core/modules/image/image.admin.inc +2 -1

core/modules/image/image.module core/modules/image/image.module +2 -1

No files found.
--- a/core/modules/image/image.admin.inc
+++ b/core/modules/image/image.admin.inc
@@ -314,9 +314,10 @@ function image_effect_form($form, &$form_state, $style, $effect) {
  $form['data']['#tree'] = TRUE;

  // Check the URL for a weight, then the image effect, otherwise use default.
+  $weight = Drupal::request()->query->get('weight');
  $form['weight'] = array(
    '#type' => 'hidden',
-    '#value' => isset($_GET['weight']) ? intval($_GET['weight']) : (isset($effect['weight']) ? $effect['weight'] : count($style->effects)),
+    '#value' => isset($weight) ? intval($weight) : (isset($effect['weight']) ? $effect['weight'] : count($style->effects)),
  );

  $form['actions'] = array('#type' => 'actions');

--- a/core/modules/image/image.module
+++ b/core/modules/image/image.module
@@ -537,7 +537,8 @@ function image_style_deliver($style, $scheme) {
  // denial-of-service attacks.)
  $valid = !empty($style) && file_stream_wrapper_valid_scheme($scheme);
  if (!config('image.settings')->get('allow_insecure_derivatives')) {
-    $valid = $valid && isset($_GET[IMAGE_DERIVATIVE_TOKEN]) && $_GET[IMAGE_DERIVATIVE_TOKEN] === image_style_path_token($style->name, $scheme . '://' . $target);
+    $image_derivative_token = Drupal::request()->query->get(IMAGE_DERIVATIVE_TOKEN);
+    $valid = $valid && isset($image_derivative_token) && $image_derivative_token === image_style_path_token($style->name, $scheme . '://' . $target);
  }
  if (!$valid) {
    throw new AccessDeniedHttpException();