Search code examples
htmlimagedirectory-traversal

Are regular img tags safe to use?

Is it safe to use regular img tag without an “image loader php”, simply like:

<img src=“imgs/1.png”>

?

I see how when people use a .php script to return the img file into src, path traversal attacks can occur.

That’s mostly why I don’t understand why one would use a .php for something like including an image in your page, since plain html already does that, if it makes you vulnerable?

Solution

  • In this instance, path traversal vulnerabilities only arise when there is insufficient input validation. Provided that input query parameters are validated and sanitised correctly, there shouldn't be an issue. Besides, there are a number of reasons why using a script may be beneficial. Such as:

    1. Dynamic Image Generation

    PHP scripts can generate images dynamically based on parameters or conditions. This flexibility allows you to modify or manipulate images on-the-fly before delivering them to the client. For example, you can resize images, apply filters, overlay text, or generate images based on user input.

    1. App-level Access Control

    PHP scripts can implement access control mechanisms to restrict access to images based on authentication, authorization rules, or just about any characteristic of the user's web request or session. This may be designed to prevent unauthorized users from directly accessing image URLs, or to combat hotlinking where other websites reference your material without your consent.

    1. Serving Images from Protected Locations

    PHP scripts can serve images from locations that are not directly accessible via the web server's document root. This adds an extra layer of security by keeping the image files outside of the public web directory. So in this instance, the developer desires the ability to traverse directories, but should ensure they secure the file system permissions adequately.

    1. Caching and Optimization

    PHP scripts can implement caching strategies to optimize image delivery. You can cache images on the server side to reduce load times for subsequent requests. Additionally, PHP scripts can perform optimizations such as compressing images before delivery.

    1. Logging and Analytics:

    By serving images through PHP scripts, you can log image requests and gather analytics data. This helps in understanding how images are accessed and used on your website.