From c186ff5e916edd922c3a7484e9ba3d196e862877 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Tue, 28 Apr 2009 22:54:18 +0000 Subject: [PATCH] Revert r49669, r49670 "extract text layer from djvu file (see bug 18046)" I don't really like the use of sed here; it's an extra Unix dependency which seems unnecessary, when we could trivially do the escaping in the code. The ajax fetch added in r49670 also looks like a big security hole: * Manual use of curl should be avoided; it may not be installed, and 'localhost' may not do anything useful. * Further this appears to be a general "fetch any foreign URL and pass the data through" which is a serious security hole. --- includes/DefaultSettings.php | 13 ------------ includes/media/DjVu.php | 38 ++++++------------------------------ 2 files changed, 6 insertions(+), 45 deletions(-) diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php index b27a9e3f8f..4d209bdf25 100644 --- a/includes/DefaultSettings.php +++ b/includes/DefaultSettings.php @@ -1897,12 +1897,6 @@ $wgDiff3 = '/usr/bin/diff3'; */ $wgDiff = '/usr/bin/diff'; -/** - * Path to the GNU sed utility. Required by $wgDjvuTxt. - */ -#$wgSed = '/bin/sed'; -$wgSed = null; - /** * We can also compress text stored in the 'text' table. If this is set on, new * revisions will be compressed on page save if zlib support is available. Any @@ -3540,13 +3534,6 @@ $wgDjvuDump = null; # $wgDjvuRenderer = 'ddjvu'; $wgDjvuRenderer = null; -/** - * Path of the djvutxt DJVU text extraction utility - * Enable this and $wgSed, $wgDjvuDump to enable text layer extraction from djvu files - */ -# $wgDjvuTxt = 'djvutxt'; -$wgDjvuTxt = null; - /** * Path of the djvutoxml executable * This works like djvudump except much, much slower as of version 3.5. diff --git a/includes/media/DjVu.php b/includes/media/DjVu.php index 26d3fae9bc..66e954d42c 100644 --- a/includes/media/DjVu.php +++ b/includes/media/DjVu.php @@ -52,8 +52,6 @@ class DjVuHandler extends ImageHandler { $m = false; if ( preg_match( '/^page(\d+)-(\d+)px$/', $str, $m ) ) { return array( 'width' => $m[2], 'page' => $m[1] ); - } else if ( preg_match( '/^page(\d+)-djvutxt$/', $str, $m ) ) { - return array( 'djvutxt' => 1, 'page' => $m[1] ); } else { return false; } @@ -66,22 +64,8 @@ class DjVuHandler extends ImageHandler { ); } - - function normaliseParams( $image, &$params ) { - global $wgDjvuTxt; - if( $wgDjvuTxt && isset($params['djvutxt']) && $params['djvutxt']) { - if ( !isset( $params['page'] ) ) { - $params['page'] = 1; - } - $params['width'] = 0; - $params['height'] = 0; - return true; - } - else return parent::normaliseParams( $image, $params ); - } - function doTransform( $image, $dstPath, $dstUrl, $params, $flags = 0 ) { - global $wgDjvuRenderer, $wgDjvuPostProcessor, $wgDjvuTxt, $wgSed; + global $wgDjvuRenderer, $wgDjvuPostProcessor; // Fetch XML and check it, to give a more informative error message than the one which // normaliseParams will inevitably give. @@ -112,22 +96,12 @@ class DjVuHandler extends ImageHandler { # Use a subshell (brackets) to aggregate stderr from both pipeline commands # before redirecting it to the overall stdout. This works in both Linux and Windows XP. - - if( $params['djvutxt'] && $wgDjvuTxt && $wgSed ) { - #Read text from djvu - $cmd = '(' . wfEscapeShellArg( $wgDjvuTxt ) . " --page={$page} " . wfEscapeShellArg( $srcPath ); - #Escape < > & characters - $cmd .= ' | ' . wfEscapeShellArg( $wgSed ) . ' "s/\&/\&/g ; s//\>/g ; s/\"/\"/g "'; - $cmd .= ' > ' . wfEscapeShellArg($dstPath) . ') 2>&1'; - } - else { - $cmd = '(' . wfEscapeShellArg( $wgDjvuRenderer ) . " -format=ppm -page={$page} -size={$width}x{$height} " . - wfEscapeShellArg( $srcPath ); - if ( $wgDjvuPostProcessor ) { - $cmd .= " | {$wgDjvuPostProcessor}"; - } - $cmd .= ' > ' . wfEscapeShellArg($dstPath) . ') 2>&1'; + $cmd = '(' . wfEscapeShellArg( $wgDjvuRenderer ) . " -format=ppm -page={$page} -size={$width}x{$height} " . + wfEscapeShellArg( $srcPath ); + if ( $wgDjvuPostProcessor ) { + $cmd .= " | {$wgDjvuPostProcessor}"; } + $cmd .= ' > ' . wfEscapeShellArg($dstPath) . ') 2>&1'; wfProfileIn( 'ddjvu' ); wfDebug( __METHOD__.": $cmd\n" ); $err = wfShellExec( $cmd, $retval ); -- 2.20.1