Giter Club home page Giter Club logo

laravel-url-uploaded-file's Introduction

Uploade files from URLs in Laravel

Latest Version on Packagist Tests Total Downloads

This package extends Laravel's UploadedFile functionality using file URLs instead of regular file uploads.

Read the full post in my blog: https://naxon.dev/blog/upload-files-from-urls-in-laravel

Installation

You can install the package via composer:

composer require naxon/laravel-url-uploaded-file

Usage

use Naxon\UrlUploadedFile\UrlUploadedFile;

$file = UrlUploadedFile::createFromUrl('https://naxon.dev/assets/img/portrait.jpg');

Now, because UrlUploadedFile extends UploadedFile, you can store it, get its path and extension and use UploadedFile's functionality with it.

Testing

composer test

Changelog

Please see CHANGELOG for more information on what has changed recently.

Roadmap

Version 1.0 provides basic functionality only. It was extracted from a real project I was working on. The plan for version 2.0 is to extend the functionality by adding more downloaders.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

License

The MIT License (MIT). Please see License File for more information.

laravel-url-uploaded-file's People

Contributors

naxon avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar

Forkers

nguyenhiepvan wapwn 418sec cuongsql dudubroering les19 jemsk dmitrygaluschkin hamzasgd moatazabdalmageed

laravel-url-uploaded-file's Issues

PHP 8 Compatibility.

I am shifting projects over to use PHP 8 and your library that I use is locked at 7.4. Is it compatible with 8 and if so, can it be upgraded so I don't need to fork?

File is not valid

When you check if the file is valid than i get some error;

$source = UrlUploadedFile::createFromUrl($url);
dump($source->isValid());
dump($source->getErrorMessage());

"The file "" was not uploaded due to an unknown error."

Possible security issue

Hey,

I'm not sure if it's the responsibility of this library, but accepting a URL from user input and handling the resulting file might have some security implications.

For example:

  • the scheme might be something other than http/https
  • the scheme might be missing
  • the URL might point to something like /etc/passwd
  • the URL might point to some internal URL which you don't want to expose (like the AWS Instance Metadata endpoint)

Do you think checks / validations for the above points should / could be part of this library, or is that outside of its scope / responsibilities?

๐Ÿšจ Potential Security Vulnerability - huntr.dev

โš ๏ธ Potential Vulnerability in laravel-url-uploaded-file

๐Ÿ‘‹ Hello, @Naxon - @wapwn has disclosed a potential vulnerability in your repository. To validate or invalidate this potential vulnerability, please visit https://huntr.dev/bounties/1-packagist-naxon/laravel-url-uploaded-file and join our community in helping secure open-source code.

โ˜Ž๏ธ Need further support?

Come and join us on our Discord and a member of our team will be happy to help! ๐Ÿค—

cc - @JamieSlome

File not valid

When i create a file from url, the file is not valid.

$source = UrlUploadedFile::createFromUrl('https://ny2m44ls0z.b-cdn.net/w_1280,h_720/s3-siris/940a5248-4d5b-4629-a00e-182c1ce4251d.jpg')
dump($source);

Response

Naxon\UrlUploadedFile\UrlUploadedFile {[#1098]()
  -test: false
  -originalName: ""
  -mimeType: "application/octet-stream"
  -error: 0
  #hashName: null
  path: "/tmp"
  filename: "url-file-eh0Tqw"
  basename: "url-file-eh0Tqw"
  pathname: "/tmp/url-file-eh0Tqw"
  extension: ""
  realPath: "/tmp/url-file-eh0Tqw"
  aTime: 2022-03-10 14:30:37
  mTime: 2022-03-10 14:30:37
  cTime: 2022-03-10 14:30:37
  inode: 10228269
  size: 192254
  perms: 0100600
  owner: 33
  group: 1000
  type: "file"
  writable: true
  readable: true
  executable: false
  file: true
  dir: false
  link: false
}

Is there something what i do wrong?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.