diff options
Diffstat (limited to 'inc/fetch.functions.php')
| -rw-r--r-- | inc/fetch.functions.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/inc/fetch.functions.php b/inc/fetch.functions.php index 53ade3555..3c700b35b 100644 --- a/inc/fetch.functions.php +++ b/inc/fetch.functions.php @@ -111,6 +111,10 @@ function checkFileStatus(&$media, &$file, $rev = '', $width=0, $height=0) { //download failed - redirect to original URL return array(302, $media); } + // check token for resized and cached images + if (($width || $height) && media_get_token($media, $width, $height) !== $INPUT->str('tok')) { + return array(412, 'Precondition Failed'); + } } else { $media = cleanID($media); if(empty($media)) { |