diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2018-04-23 09:16:38 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-04-23 09:16:38 +0200 |
commit | 7db7d68136d8c58c6d354e85096137c39d421671 (patch) | |
tree | 84255ce131308064e5e0bb7052dc4ac5e34c1718 /app/models/media_attachment.rb | |
parent | 3bf6da1ffcf8208a0608de7bff6e2155c40e2871 (diff) |
Detect and prevent image bombs, max. processable dimension 4096^2 (#7229)
Diffstat (limited to 'app/models/media_attachment.rb')
-rw-r--r-- | app/models/media_attachment.rb | 16 |
1 files changed, 2 insertions, 14 deletions
diff --git a/app/models/media_attachment.rb b/app/models/media_attachment.rb index 8fd9ac09f..c9abab9e2 100644 --- a/app/models/media_attachment.rb +++ b/app/models/media_attachment.rb @@ -19,8 +19,6 @@ # description :text # -require 'mime/types' - class MediaAttachment < ApplicationRecord self.inheritance_column = nil @@ -70,6 +68,8 @@ class MediaAttachment < ApplicationRecord validates_attachment_size :file, less_than: LIMIT remotable_attachment :file, LIMIT + include Attachmentable + validates :account, presence: true validates :description, length: { maximum: 420 }, if: :local? @@ -176,9 +176,6 @@ class MediaAttachment < ApplicationRecord def set_type_and_extension self.type = VIDEO_MIME_TYPES.include?(file_content_type) ? :video : :image - extension = appropriate_extension - basename = Paperclip::Interpolations.basename(file, :original) - file.instance_write :file_name, [basename, extension].delete_if(&:blank?).join('.') end def set_meta @@ -223,13 +220,4 @@ class MediaAttachment < ApplicationRecord bitrate: movie.bitrate, } end - - def appropriate_extension - mime_type = MIME::Types[file.content_type] - - extensions_for_mime_type = mime_type.empty? ? [] : mime_type.first.extensions - original_extension = Paperclip::Interpolations.extension(file, :original) - - extensions_for_mime_type.include?(original_extension) ? original_extension : extensions_for_mime_type.first - end end |