wkhtmltopdf - Spaces in URL

Question

When using wkhtmltopdf I am unable to generate images when the URL contains a %20.

This isn't a problem when doing the same command locally via the command line.

Is there a way I can get this to work once it's online?

My code so far is:

<?php
$url = $_GET['url'];    // Website URL to Create Image
$name = $_GET['img'];   // Output Image Name
$command = "/usr/local/bin/wkhtmltoimage --no-images --crop-w 580";
$dir_img = "images/";     // Image files will be saved here
$ex_cmd = "$command $url " . $dir_img . $name;
$output = shell_exec($ex_cmd);
?>

This works fine unless there is a %20 in the URL.

The page I need to screenshot has to have the %20 in its URL so a function to remove it would not be a solution unfortunately.

score 3 · Accepted Answer · answered Jan 14 '15 at 13:44

You have to escape your arguments, else you have a huge security hole in your code:

$url = escapeshellarg($_GET['url']);    // Website URL to Create Image
$name = escapeshellarg($_GET['img']);   // Output Image Name
$command = "/usr/local/bin/wkhtmltoimage --no-images --crop-w 580";
$dir_img = "images/";     // Image files will be saved here
$ex_cmd = "$command $url " . $dir_img . $name;
$output = shell_exec($ex_cmd);

This is just to get you started, you must also check $_GET['url'] is url, and not eg ./config/database.php, and $_GET['img'] must be sanitized too.

wkhtmltopdf - Spaces in URL

1 Answers1