From 72d1c88b0bdecaad1bd51bf8f23daedc67d18338 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Schplurtz=20le=20D=C3=A9boulonn=C3=A9?=
 <Schplurtz@laposte.net>
Date: Mon, 19 Mar 2018 23:20:24 +0100
Subject: [PATCH] filter out any unexpected GET parametres.

---
 syntax.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/syntax.php b/syntax.php
index bf9a137..e71e40c 100644
--- a/syntax.php
+++ b/syntax.php
@@ -119,6 +119,9 @@ function render($format, Doku_Renderer $R, $data) {
      * Return path to the rendered image on our local system
      */
     function _imgfile($data){
+        // filter out unwanted GET parametres
+        $data=array_intersect_key( $data, array( 'width' => 1, 'height' => 1, 'layout' => 1, 'align' => 1, 'version' => 1, 'md5' => 1 ));
+
         $cache  = $this->_cachename($data,'png');
 
         // create the file if needed