From cc412a5af8ff87574e2bfd886faeffc90454f313 Mon Sep 17 00:00:00 2001
From: Alexander Ebert <ebert@woltlab.com>
Date: Thu, 5 Jan 2017 18:17:21 +0100
Subject: [PATCH] Fixed images with relative path / SVG from being proxied

---
 .../output/node/HtmlOutputNodeImg.class.php   | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/wcfsetup/install/files/lib/system/html/output/node/HtmlOutputNodeImg.class.php b/wcfsetup/install/files/lib/system/html/output/node/HtmlOutputNodeImg.class.php
index 607e258670..9ee8fb1b67 100644
--- a/wcfsetup/install/files/lib/system/html/output/node/HtmlOutputNodeImg.class.php
+++ b/wcfsetup/install/files/lib/system/html/output/node/HtmlOutputNodeImg.class.php
@@ -59,6 +59,25 @@ class HtmlOutputNodeImg extends AbstractHtmlOutputNode {
 					continue;
 				}
 				
+				$urlComponents = parse_url($src);
+				if ($urlComponents === false) {
+					// not a valid URL, discard it
+					DOMUtil::removeNode($element);
+					continue;
+				}
+				
+				if (empty($urlComponents['host'])) {
+					// relative URL, ignore it
+					continue;
+				}
+				
+				$element->setAttribute('data-valid', 'true');
+				
+				if (!empty($urlComponents['path']) && preg_match('~\.svg~', basename($urlComponents['path']))) {
+					// we can't proxy SVG, ignore it
+					continue;
+				}
+				
 				$element->setAttribute('src', $this->getProxyLink($src));
 				
 				$srcset = $element->getAttribute('srcset');
-- 
2.20.1