- $file = "{$path}/{$match['file'][0]}";
- // Only proceed if we can access the file
- if ( file_exists( $file ) ) {
- // Add version parameter as a time-stamp in ISO 8601 format, using Z for the timezone, meaning GMT
- $url = "{$file}?" . gmdate( 'Y-m-d\TH:i:s\Z', round( filemtime( $file ), -2 ) );
- // If we the mime-type can't be determined, no embedding will take place
- $type = false;
- // Try a couple of different ways to get the mime-type of a file, in order of preference
- if ( function_exists( 'finfo_file' ) && function_exists( 'finfo_open' ) ) {
- // As of PHP 5.3, this is how you get the mime-type of a file; it uses the Fileinfo PECL extension
- $type = finfo_file( finfo_open( FILEINFO_MIME_TYPE ), $file );
- } else if ( function_exists( 'mime_content_type' ) ) {
- // Before this was deprecated in PHP 5.3, this used to be how you get the mime-type of a file
- $type = mime_content_type( $file );
- } else {
- // Worst-case scenario has happend, use the file extension to infer the mime-type
- $ext = strtolower( pathinfo( $file, PATHINFO_EXTENSION ) );
- if ( isset( self::$mimeTypes[$ext] ) ) {
- $type = self::$mimeTypes[$ext];
+ $query = $match['query'][0];
+ $url = "{$remote}/{$match['file'][0]}";
+ $file = "{$local}/{$match['file'][0]}";
+ // bug 27052 - Guard against double slashes, because foo//../bar
+ // apparently resolves to foo/bar on (some?) clients
+ $url = preg_replace( '#([^:])//+#', '\1/', $url );
+ $replacement = false;
+ if ( $local !== false && file_exists( $file ) ) {
+ // Add version parameter as a time-stamp in ISO 8601 format,
+ // using Z for the timezone, meaning GMT
+ $url .= '?' . gmdate( 'Y-m-d\TH:i:s\Z', round( filemtime( $file ), -2 ) );
+ // Embedding requires a bit of extra processing, so let's skip that if we can
+ if ( $embedData && $embed ) {
+ $type = self::getMimeType( $file );
+ // Detect when URLs were preceeded with embed tags, and also verify file size is
+ // below the limit
+ if (
+ $type
+ && $match['embed'][1] > 0
+ && filesize( $file ) < self::EMBED_SIZE_LIMIT
+ ) {
+ // Strip off any trailing = symbols (makes browsers freak out)
+ $data = base64_encode( file_get_contents( $file ) );
+ // Build 2 CSS properties; one which uses a base64 encoded data URI in place
+ // of the @embed comment to try and retain line-number integrity, and the
+ // other with a remapped an versioned URL and an Internet Explorer hack
+ // making it ignored in all browsers that support data URIs
+ $replacement = "{$pre}url(data:{$type};base64,{$data}){$post};";
+ $replacement .= "{$pre}url({$url}){$post}!ie;";