diff --git a/modules/image/image.admin.inc b/modules/image/image.admin.inc index cebe8940d3..dbeeaabf2a 100644 --- a/modules/image/image.admin.inc +++ b/modules/image/image.admin.inc @@ -821,11 +821,12 @@ function theme_image_style_preview($variables) { $output .= ''; // End preview-image-wrapper. // Build the preview of the image style. - $preview_url = file_create_url($preview_file) . '?cache_bypass=' . REQUEST_TIME; + $token = IMAGE_DERIVATIVE_TOKEN . '=' . image_style_path_token($style['name'], file_default_scheme() . '://' . $sample_image); + $preview_url = file_create_url($preview_file) . '?cache_bypass=' . REQUEST_TIME . '&' . $token; $output .= '
'; - $output .= check_plain($style['label']) . ' (' . l(t('view actual size'), file_create_url($preview_file) . '?' . time()) . ')'; + $output .= check_plain($style['label']) . ' (' . l(t('view actual size'), file_create_url($preview_file) . '?' . time() . '&' . $token) . ')'; $output .= '
'; - $output .= '' . theme('image', array('path' => $preview_url, 'alt' => t('Sample modified image'), 'title' => '', 'attributes' => $preview_attributes)) . ''; + $output .= '' . theme('image', array('path' => $preview_url, 'alt' => t('Sample modified image'), 'title' => '', 'attributes' => $preview_attributes)) . ''; $output .= '
' . $preview_image['height'] . 'px
'; $output .= '
' . $preview_image['width'] . 'px
'; $output .= '
'; // End preview-image. diff --git a/modules/image/image.module b/modules/image/image.module index dab88361a2..3700ac43cb 100644 --- a/modules/image/image.module +++ b/modules/image/image.module @@ -290,9 +290,12 @@ function image_file_download($uri) { // Remove the scheme from the path. array_shift($args); + // The remaining path for checks later on. + $remaining_path = implode('/', $args); // Then the remaining parts are the path to the image. - $original_uri = file_uri_scheme($uri) . '://' . implode('/', $args); - + $original_uri = file_uri_scheme($uri) . '://' . $remaining_path; + // Grab the path to the sample image. + $sample_image = variable_get('image_style_preview_image', drupal_get_path('module', 'image') . '/sample.png'); // Check that the file exists and is an image. if ($info = image_get_info($uri)) { // Check the permissions of the original to grant access to this image. @@ -308,6 +311,19 @@ function image_file_download($uri) { // browser caching of private images. ); } + // It's unlikely that a module would deny access to the sample image, but + // check the headers just in case. If no modules deny access, then grant + // access to the sample image by default. + elseif (empty($headers) && $remaining_path == $sample_image) { + return array( + // Send headers describing the image's size, and MIME-type... + 'Content-Type' => $info['mime_type'], + 'Content-Length' => $info['file_size'], + // By not explicitly setting them here, this uses normal Drupal + // Expires, Cache-Control and ETag headers to prevent proxy or + // browser caching of private images. + ); + } } return -1; }