diff options
author | Claire <claire.github-309c@sitedethib.com> | 2021-04-25 12:02:41 +0200 |
---|---|---|
committer | Claire <claire.github-309c@sitedethib.com> | 2021-04-26 11:22:22 +0200 |
commit | a346912030012dc1451249373ff7ef1a61016517 (patch) | |
tree | 534d4177a35c0b0b9fe533cecdb91e07fa857cc8 | |
parent | a627e59116507eab6be07b3b3a49bfe4ca77385a (diff) |
Add environment variables to control custom emoji size limits
Fixes #1524
-rw-r--r-- | .env.production.sample | 7 | ||||
-rw-r--r-- | app/models/custom_emoji.rb | 7 |
2 files changed, 12 insertions, 2 deletions
diff --git a/.env.production.sample b/.env.production.sample index 12ca64a06..65f3f9d1f 100644 --- a/.env.production.sample +++ b/.env.production.sample @@ -269,3 +269,10 @@ MAX_POLL_OPTION_CHARS=100 # Maximum search results to display # Only relevant when elasticsearch is installed # MAX_SEARCH_RESULTS=20 + +# Maximum custom emoji file sizes +# If undefined or smaller than MAX_EMOJI_SIZE, the value +# of MAX_EMOJI_SIZE will be used for MAX_REMOTE_EMOJI_SIZE +# Units are in bytes +MAX_EMOJI_SIZE=51200 +MAX_REMOTE_EMOJI_SIZE=204800 diff --git a/app/models/custom_emoji.rb b/app/models/custom_emoji.rb index 7cb03b819..f14357932 100644 --- a/app/models/custom_emoji.rb +++ b/app/models/custom_emoji.rb @@ -21,7 +21,8 @@ # class CustomEmoji < ApplicationRecord - LIMIT = 50.kilobytes + LOCAL_LIMIT = (ENV['MAX_EMOJI_SIZE'] || 50.kilobytes).to_i + LIMIT = [LOCAL_LIMIT, (ENV['MAX_REMOTE_EMOJI_SIZE'] || 200.kilobytes).to_i].max SHORTCODE_RE_FRAGMENT = '[a-zA-Z0-9_]{2,}' @@ -38,7 +39,9 @@ class CustomEmoji < ApplicationRecord before_validation :downcase_domain - validates_attachment :image, content_type: { content_type: IMAGE_MIME_TYPES }, presence: true, size: { less_than: LIMIT } + validates_attachment :image, content_type: { content_type: IMAGE_MIME_TYPES }, presence: true + validates_attachment_size :image, less_than: LIMIT, unless: :local? + validates_attachment_size :image, less_than: LOCAL_LIMIT, if: :local? validates :shortcode, uniqueness: { scope: :domain }, format: { with: /\A#{SHORTCODE_RE_FRAGMENT}\z/ }, length: { minimum: 2 } scope :local, -> { where(domain: nil) } |