Default configuration not dompdf 3.1 friendly when using data-uris

[uandco]

Describe the bug

dompdf 3.1.0 now validates data-uris, which makes data-uris fail with the default config file as it doesn't have any data:// entry in the allowed_protocols config array:

See discussion at dompdf/dompdf#3580

To Reproduce

Use the default config file, update composer, which will update dompdf/dompdf to 3.1
Use a data-uri for an image in the view used to generate PDFs

Expected behavior

data-uris should continue working as they were with dompdf 3.0.2

Additional context

Imho, the example config file should have:

'allowed_protocols' => [
    "data://" => ["rules" => []],
    "file://" => ["rules" => []],
    "http://" => ["rules" => []],
    "https://" => ["rules" => []]
],

instead of

'allowed_protocols' => [
    "file://" => ["rules" => []],
    "http://" => ["rules" => []],
    "https://" => ["rules" => []]
],

I reckon mentioning this in some release note on the next version would also help mitigating issues for those not noticing the dompdf/dompdf dependency gets updated and start breaking resources using data-uris.

[infabo]

Also see changelog: https://github.com/dompdf/dompdf/releases/tag/v3.1.0

Note: this change requires that users of data URIs include the "data://" scheme in the list of allowed protocols

[barryvdh]

Can you update your the latest release?

[uandco]

That would work but existing installs would have to update the config manually.

[infabo]

When configuration is published - yes. This change must be mentioned in release changelog of this package as an important change (when not even considering as a breaking change).

[barryvdh]

I added a not the the changelog and release page; https://github.com/barryvdh/laravel-dompdf/releases/tag/v3.1.0

[infabo]

@barryvdh Thank you! 👍