mirror of
https://github.com/discourse/discourse.git
synced 2024-11-23 01:16:38 -06:00
FIX: do not treat TIFF, BMP, WEBP as images
Treating TIFF and BMP as images cause us to add them to IMG tags, this is very inconsistent across browsers. You can still upload these files they will simply not be displayed in IMG tags.
This commit is contained in:
parent
84a10f8212
commit
c50db76f5d
@ -282,7 +282,7 @@ export function validateUploadedFile(file, opts) {
|
||||
return true;
|
||||
}
|
||||
|
||||
const IMAGES_EXTENSIONS_REGEX = /(png|jpe?g|gif|bmp|tiff?|svg|webp|ico)/i;
|
||||
const IMAGES_EXTENSIONS_REGEX = /(png|jpe?g|gif|svg|ico)/i;
|
||||
|
||||
function extensionsToArray(exts) {
|
||||
return exts
|
||||
@ -348,7 +348,7 @@ export function authorizedExtensions() {
|
||||
|
||||
export function authorizedImagesExtensions() {
|
||||
return authorizesAllExtensions()
|
||||
? "png, jpg, jpeg, gif, bmp, tiff, svg, webp, ico"
|
||||
? "png, jpg, jpeg, gif, svg, ico"
|
||||
: imagesExtensions().join(", ");
|
||||
}
|
||||
|
||||
@ -376,7 +376,7 @@ export function authorizesOneOrMoreImageExtensions() {
|
||||
}
|
||||
|
||||
export function isAnImage(path) {
|
||||
return /\.(png|jpe?g|gif|bmp|tiff?|svg|webp|ico)$/i.test(path);
|
||||
return /\.(png|jpe?g|gif|svg|ico)$/i.test(path);
|
||||
}
|
||||
|
||||
function uploadTypeFromFileName(fileName) {
|
||||
|
@ -29,7 +29,6 @@ class OptimizedImage < ActiveRecord::Base
|
||||
end
|
||||
|
||||
def self.create_for(upload, width, height, opts = {})
|
||||
|
||||
return unless width > 0 && height > 0
|
||||
return if upload.try(:sha1).blank?
|
||||
|
||||
@ -180,7 +179,7 @@ class OptimizedImage < ActiveRecord::Base
|
||||
end
|
||||
end
|
||||
|
||||
IM_DECODERS ||= /\A(jpe?g|png|tiff?|bmp|ico|gif)\z/i
|
||||
IM_DECODERS ||= /\A(jpe?g|png|ico|gif)\z/i
|
||||
|
||||
def self.prepend_decoder!(path, ext_path = nil, opts = nil)
|
||||
opts ||= {}
|
||||
|
@ -3,8 +3,6 @@ require_dependency "image_sizer"
|
||||
|
||||
class UploadCreator
|
||||
|
||||
TYPES_CONVERTED_TO_JPEG ||= %i{bmp png}
|
||||
|
||||
TYPES_TO_CROP ||= %w{avatar card_background custom_emoji profile_background}.each(&:freeze)
|
||||
|
||||
WHITELISTED_SVG_ELEMENTS ||= %w{
|
||||
@ -47,7 +45,7 @@ class UploadCreator
|
||||
if @image_info.type.to_s == "svg"
|
||||
whitelist_svg!
|
||||
elsif !Rails.env.test? || @opts[:force_optimize]
|
||||
convert_to_jpeg! if should_convert_to_jpeg?
|
||||
convert_to_jpeg! if convert_png_to_jpeg?
|
||||
downsize! if should_downsize?
|
||||
|
||||
return @upload if is_still_too_big?
|
||||
@ -158,8 +156,8 @@ class UploadCreator
|
||||
|
||||
MIN_PIXELS_TO_CONVERT_TO_JPEG ||= 1280 * 720
|
||||
|
||||
def should_convert_to_jpeg?
|
||||
return false if !TYPES_CONVERTED_TO_JPEG.include?(@image_info.type)
|
||||
def convert_png_to_jpeg?
|
||||
return false unless @image_info.type == :png
|
||||
return true if @opts[:pasted]
|
||||
return false if SiteSetting.png_to_jpg_quality == 100
|
||||
pixels > MIN_PIXELS_TO_CONVERT_TO_JPEG
|
||||
|
@ -7,7 +7,7 @@ puts '', "Downsizing uploads size to no more than #{max_image_pixels} pixels"
|
||||
|
||||
count = 0
|
||||
|
||||
Upload.where("lower(extension) in (?)", ['jpg', 'jpeg', 'gif', 'png', 'bmp', 'tif', 'tiff']).find_each do |upload|
|
||||
Upload.where("lower(extension) in (?)", ['jpg', 'jpeg', 'gif', 'png']).find_each do |upload|
|
||||
count += 1
|
||||
print "\r%8d".freeze % count
|
||||
absolute_path = Discourse.store.path_for(upload)
|
||||
|
@ -155,8 +155,8 @@ describe OptimizedImage do
|
||||
describe ".safe_path?" do
|
||||
|
||||
it "correctly detects unsafe paths" do
|
||||
expect(OptimizedImage.safe_path?("/path/A-AA/22_00.TIFF")).to eq(true)
|
||||
expect(OptimizedImage.safe_path?("/path/AAA/2200.TIFF")).to eq(true)
|
||||
expect(OptimizedImage.safe_path?("/path/A-AA/22_00.JPG")).to eq(true)
|
||||
expect(OptimizedImage.safe_path?("/path/AAA/2200.JPG")).to eq(true)
|
||||
expect(OptimizedImage.safe_path?("/tmp/a.png")).to eq(true)
|
||||
expect(OptimizedImage.safe_path?("../a.png")).to eq(false)
|
||||
expect(OptimizedImage.safe_path?("/tmp/a.png\\test")).to eq(false)
|
||||
|
@ -204,16 +204,14 @@ QUnit.test("replaces GUID in image alt text on iOS", assert => {
|
||||
});
|
||||
|
||||
QUnit.test("isAnImage", assert => {
|
||||
["png", "jpg", "jpeg", "bmp", "gif", "tif", "tiff", "ico"].forEach(
|
||||
extension => {
|
||||
var image = "image." + extension;
|
||||
assert.ok(isAnImage(image), image + " is recognized as an image");
|
||||
assert.ok(
|
||||
isAnImage("http://foo.bar/path/to/" + image),
|
||||
image + " is recognized as an image"
|
||||
);
|
||||
}
|
||||
);
|
||||
["png", "jpg", "jpeg", "gif", "ico"].forEach(extension => {
|
||||
var image = "image." + extension;
|
||||
assert.ok(isAnImage(image), image + " is recognized as an image");
|
||||
assert.ok(
|
||||
isAnImage("http://foo.bar/path/to/" + image),
|
||||
image + " is recognized as an image"
|
||||
);
|
||||
});
|
||||
assert.not(isAnImage("file.txt"));
|
||||
assert.not(isAnImage("http://foo.bar/path/to/file.txt"));
|
||||
assert.not(isAnImage(""));
|
||||
|
Loading…
Reference in New Issue
Block a user