Aix/PHPWord
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

addImage docs: Warn about user-generated strings

Browse Source
This commit is contained in:
pcworld 2018-04-09 02:45:50 +02:00
parent bdca366d91
commit a7981717b3
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/elements.rst
View File

@ -234,7 +234,7 @@ To add an image, use the ``addImage`` method to sections, headers, footers, text
$section->addImage($src, [$style]); $section->addImage($src, [$style]);
- ``$src``. String path to a local image, URL of a remote image or the image data, as a string. - ``$src``. String path to a local image, URL of a remote image or the image data, as a string. Warning: Do not pass user-generated strings here, as that would allow an attacker to read arbitrary files or perform server-side request forgery by passing file paths or URLs instead of image data.
- ``$style``. See :ref:`image-style`. - ``$style``. See :ref:`image-style`.
Examples: Examples: