fix(url): double-encode dots as %252E for NGINX compatibility

[matteotrubini]

In certain NGINX configurations, unencoded dots in URLs may trigger asset-serving rules, resulting in 404 errors. rawurlencode() skips dots, but RFC 3986 allows dot encoding, so we manually double-encode them.

Summary by CodeRabbit

• Bug Fixes
  • Resolved an issue where resized images could fail to load with certain server configurations, now ensuring proper resolution and eliminating 404 errors.

[coderabbitai]

Walkthrough

In ImageResizer::getResizerUrl(), a new post-processing step replaces all dot characters (.) with the double-encoded sequence %252E in $resizedUrl. This transformation occurs after the method's existing rawurlencode double-encoding logic and is accompanied by inline comments describing the intent. No public API signatures or method declarations are changed.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly and specifically describes the main change: double-encoding dots for NGINX compatibility in URLs.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@modules/system/classes/ImageResizer.php`:
- Around line 586-588: The identifier generation in the ImageResizer class is
based on the original URL with unencoded dots, but the actual encoded URL being
sent has dots replaced with %252E. This causes a validation mismatch in
getValidResizedUrl() where the hash comparison fails because the identifier was
generated from a different URL format than what is being validated. Move the
identifier generation (the hash_hmac call that creates the identifier) to occur
AFTER the dot replacement on line 588, so that the identifier is computed from
the modified $resizedUrl that contains %252E instead of literal dots, ensuring
consistency between the encoded URL and its corresponding identifier throughout
the validation process.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 0542cb98-530f-4e7b-a547-f06ab95ca767

📥 Commits

Reviewing files that changed from the base of the PR and between 8b102ac and a261f1e.

📒 Files selected for processing (1)

• modules/system/classes/ImageResizer.php