Prevent selection of unacceptable Content-Type files (#2910)

* Prevent selection of unacceptable Content-Type files

* replace hard code

* media_attachments accept content-types in initial state

2 files changed, 8 insertions, 2 deletions

diff --git a/app/views/home/initial_state.json.rabl b/app/views/home/initial_state.json.rabl
index b599b5cf0..ac0bee2e2 100644
--- a/app/views/home/initial_state.json.rabl
+++ b/app/views/home/initial_state.json.rabl
@@ -27,4 +27,10 @@ node(:accounts) do
   store
 end
 
+node(:media_attachments) do
+  {
+    accept_content_types: MediaAttachment::IMAGE_MIME_TYPES + MediaAttachment::VIDEO_MIME_TYPES
+  }
+end
+
 node(:settings) { @web_settings }
diff --git a/app/views/settings/profiles/show.html.haml b/app/views/settings/profiles/show.html.haml
index ed76885de..7b97fcae0 100644
--- a/app/views/settings/profiles/show.html.haml
+++ b/app/views/settings/profiles/show.html.haml
@@ -7,8 +7,8 @@
   .fields-group
     = f.input :display_name, placeholder: t('simple_form.labels.defaults.display_name'), hint: t('simple_form.hints.defaults.display_name', counter: "<span class=\"name-counter\">#{30 - @account.display_name.size}</span>").html_safe
     = f.input :note, placeholder: t('simple_form.labels.defaults.note'), hint: t('simple_form.hints.defaults.note', counter: "<span class=\"note-counter\">#{160 - @account.note.size}</span>").html_safe
-    = f.input :avatar, wrapper: :with_label, hint: t('simple_form.hints.defaults.avatar')
-    = f.input :header, wrapper: :with_label, hint: t('simple_form.hints.defaults.header')
+    = f.input :avatar, wrapper: :with_label, input_html: { accept: AccountAvatar::IMAGE_MIME_TYPES.join(',') }, hint: t('simple_form.hints.defaults.avatar')
+    = f.input :header, wrapper: :with_label, input_html: { accept: AccountHeader::IMAGE_MIME_TYPES.join(',') }, hint: t('simple_form.hints.defaults.header')
 
   = f.input :locked, as: :boolean, wrapper: :with_label, hint: t('simple_form.hints.defaults.locked')