Unfloyded/Legamunt
0
0
Fork 0
Code Activity

Merge pull request from GHSA-9928-3cp5-93fm

Browse source 
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
This commit is contained in:
Claire 2023-07-06 15:05:05 +02:00 committed by GitHub
parent 6d8e0fae3e
commit dc8f1fbd97
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 80 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

1
config/application.rb
View file

@ -28,6 +28,7 @@ require_relative '../lib/paperclip/url_generator_extensions'
require_relative '../lib/paperclip/attachment_extensions'
require_relative '../lib/paperclip/lazy_thumbnail'
require_relative '../lib/paperclip/gif_transcoder'
require_relative '../lib/paperclip/media_type_spoof_detector_extensions'
require_relative '../lib/paperclip/transcoder'
require_relative '../lib/paperclip/type_corrector'
require_relative '../lib/paperclip/response_with_limit_adapter'